Let’s face it: when it comes to cybersecurity, printing is not the first thing that comes to mind. Ransomware, phishing attempts, and Man-In-The-Middle (MITM) attacks seem to garner far more press. That’s why this Cybersecurity Awareness month, I’ve tried to point out some of the ways that print devices and document print networks in general are an oft-overlooked vulnerability.
Unfortunately, the ability for malevolent actors to misuse document-based information does not stop at the point where the document is securely delivered to the authorized recipient. You can encrypt all of your print information at every point in the process, force users to authenticate their identities before retrieving documents, and still put sensitive information at risk. For example, there has been much press about authorized document recipients knowingly or unknowingly storing sensitive hardcopy documents in unsecured locations. Such unforced errors can undo the efforts of entire intelligence bureaus.
But not all examples of document misuse are this dramatic. Once printed, documents can be stolen or misplaced. People can make unauthorized copies of a document and try to pass them off as an original. One very serious example of this is the use of printed prescription forms. Clinicians prescribe medications for a specific person in a specific amount with a specific number of refills. For years, individuals have sought to copy or modify hardcopy prescription documents to access painkillers and other controlled substances for resale or abuse. The results can be deadly.
For all of these reasons, organizations cannot stop caring about security once a document moves from the “cyber” realm to the physical one. In the specific case of prescription forms, governments have mandated the use of special paper with security features that prevent data from being altered or copied. Attempts to change the name of the patient or number of prescription refills will cause the document to display a marker that indicates the document has been tampered with. If someone tries to use chemicals to “erase” the physician’s original prescription writing and change data on the document, a VOID warning or stain appears, making the form useless. Likewise, the heat caused by the light of a scanner or photocopier can cause a security breach indicator to appear.
There are a variety of other document security features available that do not require the use of costly special paper stock. These range from simple watermarks or overlays with a message like “CONFIDENTIAL” or “DO NOT COPY” to sophisticated measures like secure pantographs, microprinting, and timestamps. A void pantograph is a pattern or text message that is invisible in an original document, but which becomes obvious when a document is scanned or photocopied. Likewise, microprinting can include very finely detailed information that is readable with the naked eye or with a magnifying glass, but which cannot be duplicated when photocopied or scanned. Such mechanisms provide a useful indicator of a document’s authenticity. Timestamps and other data such as the owner name can also be added at print time to make it harder for those in possession of an unauthorized document to pass themselves off as a legitimate user of the information.
The point of all these measures is that the need for data security does not end when sensitive information leaves the digital world and enters the physical one. Protecting information does become more difficult once a hardcopy document leaves the hands of the intended recipient, but fortunately, there are a number of measures available to minimize the likelihood or impact of document misuse.
LRS, together with our many hardware and technology partners, can help your organization implement document security measures to safeguard your sensitive information and help you comply with industry and/or governmental privacy regulations. Feel free to contact your LRS document experts for guidance in secure document best practices.