Defending data from hackers, internal threats, and malicious third parties has never been easy. The Internet of Things (IoT) has given cyber attackers more opportunities than ever to enter networks to spread malware, go phishing, or execute a man-in-the-middle-style attack.
Organizations surveyed by Ponemon for a recent study experienced, on average, 2 attacks per week in 2016, an increase of 23 percent year-on-year, losing on average $9.5 million annually in the fight against cybercrime.1 In response to the rising threat of these attacks, government bodies around the world have introduced strict new regulations that require organizations to better protect their customers. And if companies fail to comply, they could face heavy fines on top of lost customers and a damaged reputation.
One such regulation is the EU General Data Protection Regulation (GDPR), which aims to protect the rights of individuals to control their own personal data. Any company operating in the EU that fails to comply faces fines of up to 4 percent of their global annual turnover, capped at €20 million.
Secure the data flow between your printers
Businesses tend to focus on server, mobile, and PC protection, but any data sent between devices is vulnerable to attack. Unsecured printers expose your business to the same data threats as your PCs, and safeguarding your print fleet is essential for security compliance.
With industry regulations becoming more complex and hacker skills becoming more sophisticated, it can be a challenge for CISOs to know if their security measures are as complete as they should be. The Center for Internet Security has developed a checklist of controls that outlines the most important requirements. This encryption and authentication checklist can help businesses address best practice security requirements to protect data flowing through their printer fleet and stay compliant.
- CSC 12: Boundary Defense: Your IT team should protect the flow of information transferring between networks of different trust levels with a focus on security-damaging data. Use encryption to protect data in transit and at rest on the device hard drive. Control access to device functionality based on a person's role by configuring or adding authentication solutions, including access to print from a mobile device. Configure trusted websites in the "Trusted Sites" list on the device to prevent user access to malicious websites from the printer front panel.
- CSC 13: Data Protection: Your IT team should prevent data infiltration and exfiltration, mitigate the effects of exfiltrated data, and ensure the privacy and integrity of sensitive information via encryption. In addition to the CSC 12 recommendations, IT teams also need to consider pull print solutions to avoid sensitive documents being abandoned in output trays, and securely erase data on printer hard drives before returning leased printers or recycling them at end-of-life.
- CSC 15: Wireless Access Control: Your IT team should control the security use of wireless local area networks (LANs), access points, and wireless client systems. With an effective print security management tool, they can automate the deployment, assessment, and remediation for device settings—including wireless settings—across the fleet. When it comes to choosing your printer fleet, they should choose devices that support peer-to-peer wireless printing and allow mobile device users to print directly to a printer's discrete wireless signal without accessing the company network or wireless service.
Does your IT team know your most vulnerable points?
If your IT team isn't aware of every endpoint, they cannot see where data breaches have occurred. The first step to protecting your data is to know every device, before applying best practice encryption and authentication measures to be compliant and enable employees to send data more securely.
- Ponemon: 2016 Cost of Cyber Crime Study