Around the world, governments are requiring businesses to take a harder look at their data privacy and security regulations. In Australia, amendments to the Privacy Act 1988 (Cth) will in many cases require organisations to notify both individuals and the Office of the Australian Information Commissioner where there has been a data breach.
With regulations constantly changing like this, it can prove challenging for businesses to find the time and resources to keep up. However, if they fail to offer more than a simple firewall as a guard against attacks, they could breach regulations and face fines that can run into the millions.
There’s no doubt that every business will experience a regulatory breach at some point, so it’s essential to identify when it happens and correct it as soon as possible with the right processes and tools. Fear not! You can use this checklist as a practical resource if you’re looking to improve IT security for endpoint devices, protect your brand name, avoid costly consequences, and comply with the strict new regulations.
Starting off with the basics, work your way down this list to the advanced security layers. Then, you can be confident that your endpoint devices align and are compliant. This handy checklist will also help your IT department secure printer endpoints, which are often overlooked.
Basic security layer
As always, you should start with the basics, so here’s a few initial steps to implement or at least consider for updating:
- Only purchase endpoint devices with built-in malware protection and encrypted hard drives.
- Update firmware, especially versions with critical security patches—as you would when updating the apps on your mobile phone.
- Configure device interfaces, and lock down protocols, like FTP and telnet, that are not required by your applications.
- Review new devices and close ports or protocols not currently in use that could give intruders access.
- Apply unique administrative passwords to each device.
- Lock down the front panel to disable access to administration features.
- Encrypt data flowing to and from the device.
- Set hard disk erase procedures for old data—especially on printers you’re trading in.
Once this is complete, move onto the next layer of security.
Medium security layer
Next is a medium security layer that will protect you from the potential risk areas that are often overlooked or sometimes fall by the wayside through complacency:
- Integrate printer systems’ log data into your SIEM tool to fully monitor the network for threats. For new compliance regulations, visibility is key to meet the reporting requirements.
- Deploy user authentication at the printer to track who’s copying, scanning, and faxing from the device. This data is helpful in a forensics investigation after a breach.
- Deploy pull printing to avoid sensitive information being forgotten. This also helps your environmental standards by reducing wasted prints.
Now, you can move onto the final, advanced layer of security.
Advanced security layer
This is your heavy-duty layer of security that protects your network from all the malicious high-risk factors:
- Set up job tracking and accounting reporting.
- Consider setting and automatically enforcing rules regarding who can access and use which printers and why, with role-based authorisation.
- Deploy unique digital certificates to each printer as you would other internet-connected devices on your network.
- Deploy a managed mobile printing solution for data encryption, in-network device access, user authentication, and tracking.
Following this list of top security tips will leave your organisation better protected—both in the short and long term. Remember, play it safe and always stay compliant.
**The information contained in this webpage is general in nature. It is not intended to be comprehensive or to constitute legal advice. You should not rely on this information without first obtaining legal advice based on your specific circumstances.