The growing network of connected Internet of Things (IoT) devices, combined with big data, has created a data explosion that is fuelling a drive towards data becoming the new currency. As more organisations recognise this, it’s important that they include print security as part of their wider cybersecurity strategy, according to enterprise office solution provider, Y Soft Corporation.
According to Quocirca, in 2013, nearly 63 per cent of organisations experienced at least one security breach through printing. However, despite this, a 2015 Ponemon Institute study showed that 56 per cent of organisations exclude printers and multifunctional devices (MFDs) from their security strategies.
Nick Parkes, Regional Sales Manager at Y Soft said, “with the recent slew of data breaches and the introduction of GDPR, it’s never been more important for organisations to protect their data at every touch point, especially with networked MFDs. If not secured properly, these devices can present a considerable risk to businesses and given the damage a breach can have on an organisation’s operations, bottom line and reputation, it is vital that print security is considered a key pillar in a company’s wider cybersecurity strategy.
“Although the threat landscape is increasing, so are the software and hardware solutions to combat these threats. Yet, many organisations do not secure access to their MFDs and unauthorised or open access to an MFD creates the potential for a security breach.
“Organisations should therefore consider a solution that removes this risk, keeping the device locked until an employee’s identity has successfully been verified. An identity authentication process eliminates printed documents left in the print tray since print jobs are not processed unless the user has correctly authenticated at the MFD and can pick up the documents immediately.
“Identity authentication can be achieved through a wide variety of methods – ID cards, PIN codes, login passwords. In addition, some organisations choose to authenticate via a mobile application.”
When using a mobile app to authenticate, employees can identify a network printer by scanning its QR code, NFC or beacon. The mobile application uses a one-time activation link, which is sent to a user's email and after successful activation, a mobile terminal token is generated for this specific user and, thereafter, is used for the user’s authentication.
This procedure protects the printer’s domain credentials from an attacker replacing the QR code / NFC / beacon, since it does not require these to be entered in the application.
Nick added, “administrators can also mitigate risk to their networks through the MFD by monitoring and analysing incoming traffic. Print activity to the MFD should only come via an approved software platform and all other traffic can be blocked. This limits attack vectors attacking the MFD from other networks.
“In order to create a secure network across the board, it’s vital that organisations look at every single touch point, including MFDs. It’s crucial to implement print management software and hardware that places a strong emphasis on security, and for the focus on this to be supported by wider decision-makers beyond the IT department.”