How to tackle print security and compliance in a Managed Print Services environment
Friday, April 20, 2018
by Linda van der Westen
Many large enterprises have outsourced their printing environments to third parties that take care of everything related to document printing and delivery. But what can be expected of such a third party when it comes to compliance? For example, which party will be responsible for tasks related to the upcoming GDPR regulations? Does the burden of compliance rest with the external service provider or with the enterprise itself?
One thing is certain — in the case of a data breach, it will be the enterprise that pays the fine. Although one may expect GDPR compliant printing processes from the managed print services provider, these are far from guaranteed. For one, there are many misconceptions about GDPR compliant printing. One such misconception is the idea that pull printing alone will ensure GDPR compliance. In reality, this is only a half-measure. How much trust can you put in a provider that merely offers a pull printing solution?
When looking into compliance matters, printing deserves just as much attention as any other area that involves the handling of data. Who better to trust with implementing GDPR compliant systems than your in-house teams that generate the data to begin with? The first step in compliance is to evaluate potential risk factors such as print servers / print queues being hacked. Likewise, your staff can look for instances of printed documents being discarded without regard to the confidential nature of the information.
Only after identifying such risk factors would it make sense to discuss these with an MPS provider. You can then ask what measures they recommend to prevent any future problems with GDPR compliance. These should go beyond the obvious print recommendations, and address topics like digital data streams. Each time a user prints, data is sent to a server and then to the printer via the WAN or LAN. Or in the case of direct IP printing, data can travel over the local network without crossing a server. How secure do you suppose that data is as it traverses the network? Your MPS provider should be able to answer this question and recommend ways to maximize security.
When all is said and done, even when services are outsourced, your enterprise is ultimately responsible for regulatory compliance. Proper due diligence should result in a solution that prevents confidential data from being viewed by unauthorized users or improperly accessed during printing processes. Digital data streams are subject to exposure and should therefore be protected in the same way as printed data. May is rapidly approaching and GDPR will soon come into effect, so be sure to examine every output-related process, even those you may have outsourced. Better to be safe than sorry!
Want to read more about MPS?
Think You’ve Got Printing Covered?
Yes, my Windows printing is covered. Now what?
Who is really printing What, Where and When?
Final Thoughts on MPS