|From Plaza eGov|
Data breaches are big business – of the worst kind – and it might be happening right under your nose from your imaging and printing devices, says Pierre Mirlesse, Vice President, Managed Enterprise Solutions, Imaging & Printing Group of Hewlett-Packard Asia Pacific & Japan.
Data breaches from your imaging and printing devices can cost a government agency millions of dollars in damages and pose a serious breach of privacy laws.
A popular television network in the US recently revealed and what could possibly be the biggest threat to a government agency.
Nearly every digital copier or printer built since 2002 contains a hard drive that stores an image of every document scanned, copied or emailed by the machine.
In the process it makes the machine a digital time bomb filled with information that might be highly personal or sensitive data.
A technology consultant in New Jersey, USA was shocked to find out the printers he bought had images of thousands of documents with highly sensitive data including national crime division’s detailed accounts of adult offenders including their addresses with specifics of their offense; one of the devices from an insurance firm had images of 300 pages of detailed individual medical records.
Arguably this was a serious breach of privacy laws and potential threat to national security.
With the velocity, veracity and volume of security breaches increasing at a dramatic rate, protecting government networks is one of the most critical national security challenges facing governments today.
Governments have sophisticated procedures for securing paper documentation and protecting electronic data stored in PCs and servers.
However, the process of turning electronic information to paper documents is often overlooked.
As printers have evolved from simple output devices to multi-functional, networked tools (MFPs), they can be as vulnerable as PCs.
To ensure that data being printed remain confidential, it is important to first assess your imaging and printing environment to understand the possible vulnerabilities:
- Output tray: How many documents are sitting in your MFP output trays in your department right now? Are they confidential? Who can see them, pick them up and share them?
- Hard disk: Did you know printers and MFPs are equipped with a hard disk where copies of the data sent for printing are stored? A printer leaving your agency could have a drive full of sensitive information.
- Network: An internet search for “sniffers” will pull up numerous applications to intercept print jobs as they travel over the network to a printer or MFP.
- Control panel: MFPs are powerful devices. Wit hout full visibility over access and use of the device, you can’t control use and prevent abuse.
- Input tray: Organisations often use special media to print official documents, prescriptions or cheques. Without secure input trays, these media can be tampered with or stolen.
- Fleet control: Controlling a handful of printers is easy enough, but systematically securing an entire fleet of devices requires thoughtful planning and a tailored solution.
By assessing your fleet and determining what types of devices you have, how they are used and by whom, you can implement security features and solutions that greatly reduce the chance of a breach.
The following three steps will help reduce the chance of compromising information on your output devices:
Secure the Document by ensuring your device can support
- Authentication – HP MFPs support authentication. A variety of numeric keypad, proximity, and swipe-card solutions are also available.
- Control panel lock – Using a password to prevent unauthorised users from changing device configuration.
- Private PIN printing – HP MFPs allow a personal identification number per print job, which is only released after that PIN is entered at the control panel.
Secure the Device with
- Disk drive lockout – The hard disk drive on many HP LaserJet MFPs and printers can be physically secured using a lock that requires a physical key for removal.
- Hard disk overwrite – HP MFPs and printers provide built-in capability for overwriting data stored on them, allowing sensitive data to be safely removed.
Protect the Network with
- Encryption – Encryption of network-transmitted data stored on hard disk drives secures print jobs from the printing client to the MFP‘s or printer‘s internal printing engine.
- Server-based access control like Windows NTLM, LDAP, Kerberos, and Novell authentication and authorisation. Most HP MFPs have device-based LDAP authentication.
- Usage reporting – Track usage for all models by job, user, device, or application via the HP Web Jetadmin Report Generation plug-in.
- Content security management – Control document access, revision, and lifespan from HP Information Lifecycle Management Solutions and HP Secure Printing Solutions.