By Dennis Amorosano
Dec. 1, 2011
In today’s wired workplace, the traditional office copier has evolved into a highly intelligent multifunction device containing powerful software and storage capabilities where information is written, stored and accessed. However, this technology has also opened a potentially dangerous hole in IT security. Despite the integral position that multifunction printers (MFP) have within a network, business owners tend to overlook the security risks inherent in these devices, and focus on protecting computer-based data. Executives must recognize that the MFP of today is a network-centric device that requires careful consideration and incorporation into a holistic information security plan.
Printers and MFPs have hard drives that store data similar to those on computers and mobile devices, which means that residual data remains on a printing device after recent tasks have been completed. Because the majority of data security breaches originate with information stored on a networked device or internal hard drive, much of the security measures are placed on minimizing external access to sensitive information, with little consideration to safeguarding internal weaknesses. According to the 2010 Data Breach Investigations Report, more than one third (36 percent) of attacks originate from end-user devices, meaning the devices used by employees are the first point of entry for potential hackers, including printers and MFPs.
Whether an organization needs to meet the strict security demands of the private sector or comply with the stringent privacy and auditing regulations of the public sector, most print providers offer features that help form a comprehensive security solution that delivers higher levels of data protection. The following preventative measures can also help minimize and defend against potential MFP data security breaches.
User Authentication
It is important to remember that what users send to a networked device can potentially be seen by anyone. Controlling an MFP begins by controlling access to the device via user authentication. Universal-facility ID card access, key pad log-ins or personal identity verification can be used to control access to computers, buildings and networked devices. As an initial component of network hardening, device-based login is an effective way to control who can access particular features on a given MFP device. It also enables an organization to build a detailed record of usage that can be reviewed in response to security issues or to monitor overall efficiency.
Data Encryption
Disk encryption, which uses proprietary software or hardware to make files unreadable to unauthorized parties, will effectively protect data from unauthorized access. Built-in data encryption kits are designed to protect all temporary data and stored documents on the internal disk drive of an MFP. Using an inaccessible key, the data is virtually irretrievable by anyone seeking to recover it from within the device or through external file recovery utilities. Further, this prevents an encrypted hard disk drive from being moved from one device to another, since encryption keys are not stored on the disk drive directly.