OPINION: Six principal printing-related security threats

19 Nov 2010

The half-dozen headaches firms must fix to stay safe.

Among the many high-profile challenges facing Irish businesses at the present time, IT security may not seem like a major concern. With the prevalence of modern firewalls, intrusion-detection systems and advanced password technology, many businesses will feel sure their data is secure.

In spite of this, businesses addressing their network security issues often still neglect one crucial area of vulnerability: that of their printing infrastructure. While many companies have taken extensive measures to protect their networks, one of the most overlooked areas in establishing a security strategy is the document production environment.

While the use of smartcards, biometric identification or PIN codes to secure enterprise print environments is widespread, according to the European Network and Information Security Agency, nearly half (47pc) of corporate organisations surveyed currently use no form of authentication for printing. In this sense, print can be considered the “forgotten link” in the corporate security chain. As the list of litigious security breaches brought about by the misappropriation of printed materials grows, the consequences of these security breaches can be just as profound as those for the electronic variety. 

Compliance challenge

The issues involved in effectively managing a print infrastructure are not limited to IT security alone. A growing list of regulatory requirements, including Sarbanes-Oxley, increasingly means that print infrastructure management is an important compliance factor. As imaging and printing products become more tightly integrated into critical business operations, the capabilities enabled by these printing systems can create additional risks.

Unsecured printers, or any product that resides on the printing network, can cause a costly security breach if confidential information is jeopardised. A secure business environment comes from having a clear understanding of legal requirements, knowing how imaging and printing infrastructure maps to those requirements and understanding the usage patterns of employees. 

There are six principal security threats that businesses should be aware of: 

Hard copy – confidential documents that are left lying on the printer output tray for anyone to see.

Network sniffing – illicit “sniffs” to print data from the network can provide anyone with a copy of a printed document.

Theft – someone stealing either the printer or the printer hard disk to obtain vital information stored inside.

Product configuration – unprotected products can be reconfigured, under certain conditions, to take the device out of service, or expose confidential information.

Information disclosure – multifunction printers (MFPs) and digital senders can be used to send confidential documents via email or fax, which bypass security control mechanisms.

Document manipulation – documents can be fraudulently manipulated or copied after the printout.

Technology providers are developing solutions which will help businesses address these threats while also reducing cost, complexity and risk associated with securing the enterprise printing network. These can give companies the ability to customise their operations to better address security, regulatory needs and defend against business attacks. To safeguard data, print management solutions automate and route printing and defend printers from unauthorised users and protect information on devices.

No two businesses are alike and neither are their secure printing requirements. Organisations have different levels of security needs and technology providers need to allow for these different enterprise security requirements. By selecting and implementing security technologies, companies are controlling access to their printing infrastructure, enabling data tracking and accountability and protecting their sensitive corporate information, therefore ensuring the security of their printing infrastructure.

Gary Tierney is country manager for HP’s image and printing group in Ireland