2023 marks the 20th Cybersecurity Awareness Month campaign by the Cybersecurity and Infrastructure Agency and the National Cybersecurity Alliance. This year, they have identified four critical actions and behaviors that everyday citizens can take to reduce the risk of their data being compromised:
- Use strong passwords and a password manager
- Turn on multifactor authentication
- Recognize and report phishing
- Update software
You won’t find any surprises on that list… just the standard things we all know we’re supposed to do, and that many of us don’t take seriously enough. That is, until it affects us directly, as happened this summer at my healthcare provider. But even if you do all of these things, all the time, your valuable business information is still at risk.
Critical documents – in both electronic and hardcopy form – are loaded with the type of information criminals, competitors, disgruntled employees, and others would like to know. To protect these valuable assets, you need systems that encrypt data at every step: during transmission across the network; while at rest in a server, queue, or cloud repository; and during delivery to the output device. This element of security is the purview of your organization’s network infrastructure team.
Hardening the data transmission pipeline is great but thwarting attempts to access it in the first place is even better. Zero trust architectures add a layer of security by ensuring that a user or process has authorization to access a particular resource at a particular time – on a transaction-by-transaction basis.
Nothing is left to trust. No information request goes unchallenged. It pays to be paranoid, as long as this does not paralyze your business processes. Through the magic of the Open ID Connect standard, security and seamless access are not mutually exclusive. For obvious reasons, LRS has embraced this security approach in the form of our LRS Gateway component. In these days of work-from-home and hybrid work arrangements, this is a critical piece of the security puzzle.
Okay. You’ve prevented bad guys from accessing data and used encryption to protect every point from your originating application to the destination printer or MFP. Mission accomplished, right? Sort of. Now you just have to worry about those employees or visitors to your facility who may grab a hardcopy document from an unattended printer tray.
The obvious solution? Don’t allow sensitive information to be sitting in hardcopy form at an unattended device. Pull print solutions ensure that only an authorized user can trigger the print process, and only when they are physically standing in front of the target MFP or printer. Working with the world’s leading print hardware vendors, LRS has developed device-resident, secure print release clients that authenticate a user’s identity and presence at the device before allowing sensitive documents to be printed.
Protecting your valued information assets through robust encryption and strict access control is necessary in these days of increased security threats. Necessary, yes... but is it sufficient? We’ll discuss in the next installment of this cybersecurity month series.