Despite the best efforts of various individuals and organisations, print security remains the poor cousin of the IT security family. As Robert Palmer, a Research Director at IDC, recently observed:
“For many organisations, print and document security is often overlooked when it comes to developing a comprehensive IT security strategy. Despite measures taken to protect IT infrastructure, the lack of visibility and oversight within the print environment creates a weak link that leaves organisations vulnerable to hackers and other cybersecurity threats.”
Given the amount of cyberthreats today’s businesses face, it’s easy to understand how and why IT pros occasionally allow print security to fall by the wayside. But the simple truth is, if your printers aren’t secured, you’re open to attack.
How can you make sure hackers can’t infiltrate your organisation’s printers? Like with any security strategy, there’s no one-size-fits-all answer, but with the following tips, you can figure out the best-fitting strategy for your business.
Assessing security needs
First, you need to figure out exactly what you need. Any IT department developing a print and document security strategy should take into account:
- The size and nature of their organisation
- The regulatory environment the organisation operates in (e.g., does it need to be GDPR compliant?)
- The potential consequences of a cyber attack, including what data is most likely to be targeted
- The organisation’s existing print and document infrastructure
- The budget available to invest in print and document security
- How print security fits into the organisation’s overall IT security strategy
At the very least, you should have some level of protection against external hackers. Whether that protection comes in the form of purchasing individual devices with embedded security features or hiring a managed print services (MPS) partner to help you secure your print fleet—or both—depends on the factors listed previously.
4 questions to guide your print security strategy
If you’re unsure which approach is most appropriate for your organisation’s printer security, ask yourself the following questions:
1. Can I outsource this task?
If you don’t have time to carefully consider all the points listed above, you don’t necessarily have to. Instead, you could work with an MPS partner. MPS providers can help you analyse your print environment, identify any security gaps, and optimise your print fleet. Often, MPS providers will assign you a print security advisor with expertise in assessing security needs. This advisor will:
- Interview staff about their daily printing and imaging practices and collect other qualitative and quantitative data
- Deploy sophisticated tools to evaluate your printer security against regulatory requirements and industry best practices
- Conduct workshops to educate stakeholders on potential threats and help them reach a consensus about a new printer security strategy
- Finalise a comprehensive and cohesive printer security strategy and implement the agreed-on solutions
2. What’s the most secure gear I can afford?
Not all printers are created equal. While you need to be mindful of your budget, you should also make sure your company isn’t saddled with substandard gear.
If you’re in a position to purchase brand new printers, look for devices with built-in intrusion detection and self-healing capabilities. Data security measures, like encryption and user authentication, are also important. While it’s tempting to save a couple bucks today on a printer that only has some of these features, data breaches are almost always more expensive than investing in security up front.
3. How many boxes will the new system tick?
When in the market for a new printer, here are some of the security capabilities you should look for:
- Anti-virus and anti-malware software
- User authentication and pull printing
- Firmware whitelisting
- Run-time intrusion detection that can monitor for malicious code
- Automatic reboots to self-heal the BIOS
Prioritise software, hardware, and services that tick off as many of these items as possible.
4. Will I stay secure over the long term?
Is the print security you’re investing in easily scalable, allowing for future business growth? If you’re outsourcing to an MPS partner, can you count on them to provide timely and reliable service over the long term? Will they provide fair and flexible pricing?
You never know what the future holds, but you can be reasonably assured of a couple things: First, cyberthreats will continue to grow more dangerous and difficult to thwart. Second, technological advancements aren’t slowing down anytime soon. For these reasons, it’s important to invest in printer technology and MPS relationships that will keep you ahead of the curve for years to come.
Institutions with a dog in the cybersecurity fight, ranging from CERT Australia to MIT, constantly warn that there’s no room for complacency. If there’s a single vulnerability in your network, no matter where it is, a hacker will eventually find it.
Do you want to become complacent? Or do you want to make sure sensitive information can’t gush out of a poorly secured printer? The choice is clear; all that remains for you to decide is the best strategy to follow.