Secure your endpoint devices with this quick and handy guide**

01/02/20183 Minute Read

Around the world, governments are requiring businesses to take a harder look at their data privacy and security regulations. In Australia, amendments to the Privacy Act 1988 (Cth) will in many cases require organisations to notify both individuals and the Office of the Australian Information Commissioner where there has been a data breach.

With regulations constantly changing like this, it can prove challenging for businesses to find the time and resources to keep up. However, if they fail to offer more than a simple firewall as a guard against attacks, they could breach regulations and face fines that can run into the millions.

There’s no doubt that every business will experience a regulatory breach at some point, so it’s essential to identify when it happens and correct it as soon as possible with the right processes and tools. Fear not! You can use this checklist as a practical resource if you’re looking to improve IT security for endpoint devices, protect your brand name, avoid costly consequences, and comply with the strict new regulations.

Starting off with the basics, work your way down this list to the advanced security layers. Then, you can be confident that your endpoint devices align and are compliant. This handy checklist will also help your IT department secure printer endpoints, which are often overlooked.

Basic security layer

As always, you should start with the basics, so here’s a few initial steps to implement or at least consider for updating:

  • Only purchase endpoint devices with built-in malware protection and encrypted hard drives.
  • Update firmware, especially versions with critical security patches—as you would when updating the apps on your mobile phone.
  • Configure device interfaces, and lock down protocols, like FTP and telnet, that are not required by your applications.
  • Review new devices and close ports or protocols not currently in use that could give intruders access.
  • Apply unique administrative passwords to each device.
  • Lock down the front panel to disable access to administration features.
  • Encrypt data flowing to and from the device.
  • Set hard disk erase procedures for old data—especially on printers you’re trading in.

Once this is complete, move onto the next layer of security.

Medium security layer

Next is a medium security layer that will protect you from the potential risk areas that are often overlooked or sometimes fall by the wayside through complacency:

  • Integrate printer systems’ log data into your SIEM tool to fully monitor the network for threats. For new compliance regulations, visibility is key to meet the reporting requirements.
  • Deploy user authentication at the printer to track who’s copying, scanning, and faxing from the device. This data is helpful in a forensics investigation after a breach.
  • Deploy pull printing to avoid sensitive information being forgotten. This also helps your environmental standards by reducing wasted prints.

Now, you can move onto the final, advanced layer of security.

Advanced security layer

This is your heavy-duty layer of security that protects your network from all the malicious high-risk factors:

  • Set up job tracking and accounting reporting.
  • Consider setting and automatically enforcing rules regarding who can access and use which printers and why, with role-based authorisation.
  • Deploy unique digital certificates to each printer as you would other internet-connected devices on your network.
  • Deploy a managed mobile printing solution for data encryption, in-network device access, user authentication, and tracking.

Following this list of top security tips will leave your organisation better protected—both in the short and long term. Remember, play it safe and always stay compliant.

**The information contained in this webpage is general in nature. It is not intended to be comprehensive or to constitute legal advice. You should not rely on this information without first obtaining legal advice based on your specific circumstances.

Tektonika Staff 02/02/2018 3 Minute Read

Are you ready for the Notifiable Data Breaches scheme?**

Australia's new Notifiable Data Breaches scheme is designed to bring our privacy laws up to the standard the community expects in the information age.

Jasmine W. Gordon 01/02/2018 4 Minute Read

Don’t become hacker bait

The time for complacency is over. Your data and other confidential info can be wiped by cybercriminals accessing unsecured printers and other endpoints.

  1. 1

Nigel Bowen 31/01/2018 4 Minute Read

Don’t be the next data breach example**

We all want to avoid sending data breach notifications to potential victims at risk, but the OAIC's resources will help you plan your data breach response.

Leave a Comment

Your email address will not be published. Required fields are marked *