Printing and Data security – what’s the worst that could happen?
Thursday, October 26, 2017
by Karin Bopp
Right now, the date May 25th of 2018 is very much in the news. This is the day when the EU General Data Protection Reform goes into effect. Naturally, everyone’s thinking about hackers, stolen addresses, credit cards, etc. Few are thinking about print processes, even though they affect every business.
Furthermore, the steady march toward digitalization has resulted in a proliferation of devices. Some of these are owned by the business, and some belong to employees (think BYOD). As a result, more and more documents are generated on, or routed through, a maze of devices from PCs and laptops to tablets, smartphones, and more.
Employees, especially mobile users, utilize a variety of these devices to do their jobs and complete the necessary workflows. In the process, documents are printed on any number of output devices. Or at least, the users wish they could print on those printers and MFPs they encounter during their work day.
They ask themselves two questions: Can I really print anything from my smartphone or tablet? On any printer in the company? LRS can answer both of these questions with a resounding “Yes,” because our products are designed to do exactly that. But this isn’t the main topic of this Blog. There is another important question that is seldom asked.
Assuming all of these documents can be printed on any of these devices, how is data security handled? Especially since the GDPR data protection deadline of May 2018 is right around the corner?
Think about all the platforms and applications at work in your organization. Think about the data being processed and the departments that produce or use that data — from Finance to HR, Sales, Marketing, Customer Service, etc. Do you really want everyone in each of these departments to be able to access any document printed anywhere in the organization?
Now think honestly about what security measures you have in place to prevent this from happening.
Recently, HP published an interesting series of videos that show how easy print devices and print processes can be hacked. Today’s printers are less like electronic typewriters and more like full-blown computers that happen to print.
Luckily, there are technologies available to provide greater protection for print processes. These include end-to-end encryption of data streams from the application to the print device to make intercepted data useless to potential hackers. There are also pull printing solutions that prevent uncollected print jobs from accumulating at the device; documents do not start printing until the user is physically standing at the printer and authenticates his or her identity. LRS pull printing also maintains security in the event of printer jams. Documents can be retrieved at an alternate device, if the user authenticates using a PIN, access card, or similar method.
Even before the first byte of data is sent to the printer, you may want to think about encryption. How do you process your data today before it’s actually sent to the printer? Think, for example, about Windows Print Servers, which routinely process print data in preparation for printing. Is all of your valuable data encrypted during this entire process? LRS Output Management can receive data from any application, process it into the desired form, send it to any desired printer or electronic destination… all while protecting document contents through secure encryption.
Another topic is rights management and document-level authorization schemes that regulate access to documents. Not only the ability to print them, but also to open them and view them. This brings up the topic of document classification.
If the document ends up being printed, it is possible that the document contains confidential information. Wouldn’t it be good to indicate this on the document itself with a watermark, stamp, or some other mark? How can you automatically add such a mark to your sensitive documents?
And what about copies made of documents that are not supposed to be copied? Is it possible to prevent such unauthorized duplication? Yes, such technology exists in the form of pantographs that can be inserted into the original printed copy of a document. Although invisible in the original document, a pantograph appears as a black mark or a message (for example, “COPY” or “VOID” or “CONFIDENTIAL”) when photocopied.
Nevertheless, humans are the weakest link in the security chain. In any of these security scenarios, an employee may grab a document from the printer output tray, stop somewhere for a cup of coffee, and leave the sensitive document on the kitchen counter. Surely there’s nothing your organization can do about that!
However, the GDPR states that the producer of the data (in other words, your organization) is liable in the case that this negligence results in an injury. That is, unless the liability can be shifted to someone else.
But what if you were able to not only track and account for all print and output events, but also insert, say, a barcode in the margin of the page? A barcode containing information about who printed that document, when, where, and from which application? Now, suddenly, the question of liability looks different.
Remember at the beginning of this Blog, when I mentioned that employees don’t just want to print from their laptops, but also from tablets, smartphones, and more? Are all of these devices integrated into your print security processes? What about your serverless printing?
It’s no problem for the Output Management experts. Contact us… we’ve got the solutions to these and other printing challenges.