Triple-Strength Secure Printing
Tuesday, September 29, 2020
by Max Frolov
As the amount of corporate and customer data keeps growing, protecting these valuable information assets has become more critical to business operations. Just as importantly, this vigilance helps organizations comply with ever-tighter privacy requirements.
The enormous reputational, legal, and financial implications of lost personal data are changing information security from a costly “nice-to-have" into an absolute must. After all, to successfully infiltrate a system, a hacker need only be lucky once, whereas to mount and maintain effective security, your organization must succeed every time.
For most businesses, the number of cyber-attack vectors is increasing as connected Internet of Things (IoT) devices spread throughout the organization. Neither legacy devices nor the latest round of smart printers and multifunction print device (MFDs) are immune from this risk. While most printer manufacturers are investing heavily to secure their hardware against malware and viruses, there is always the issue of physically securing the confidential printed document as it sits in the output tray.
Businesses must therefore be proactive in mitigating print environment vulnerabilities but avoid compromising productivity. Most users are aware of the need to secure confidential printed documents. But there is still a strong expectation that technology will address the grey area in the "document custody chain" between the moment they click Print and the time they pick their documents up from the output tray.
So — short of stationing security staff to ID users at every network printer — what can be done to address some of those challenges and ensure security?
Pull Printing to the Rescue
Pull printing solutions are becoming more and more ubiquitous in the workplace. You can hardly read a Managed Print Services RFP that doesn't require solutions to hold print jobs in a queue until a user authenticates at the network printer.
So what is Pull Print functionality and what benefits does it offer to the enterprise? In other words, “How to secure print?”
Simply put, pull printing, also known as PIN printing, is a configuration wherein servers or users’ workstations hold print jobs securely until such a time as a user authenticates at a network printer and sends a request to release those jobs.
It is nothing new to log on to your workstation securely, often using two-factor authentication. But nowadays, authenticating at the print device and ensuring that a user is physically present to collect output is a must to ensure IT security.
Pull printing essentially enables triple print security. Not only does the user need to authenticate on their workstation to access documents and print them on any network printer, but physical presence and authentication is also required at the printer before any toner physically goes on paper. Most network printer manufacturers implement “PIN printing” by enabling a feature in the driver. Unfortunately, this simple solution relies on a user having to set PINs for every print job, which impacts usability. As most organizations learn, security measures that are difficult for users often go unutilized.
There are several options currently available to authenticate users at the MFD. The most commonly used are:
- Mobile device release in conjunction with iBeacon technology that enables users to locate the nearest printer, ensuring secure release of their documents by verifying proximity to the device.
- Badge/card reader fitted to an MFD that can authenticate users, ensuring proximity to the device while print delivery is initiated. Readers are designed to work with a variety of NFC/RFID card technologies to leverage existing access cards for enhanced print security.
- PIN numbers or active directory credentials often used to authenticate users by leveraging interactive consoles built into most modern printers and MFDs.
- External authentication network-attached boxes with keypads and card readers, which can address security concerns of legacy printers that do not support any of the above authentication methods.
Two-factor authentication is also offered, though it is not as commonly deployed in reality, as administrators seek to strike a delicate balance between security versus usability.
The introduction of pull printing mechanisms not only addresses the obvious risk of confidential data exposure, it also "hardens" the MFD by locking down its functions. The importance of both the former and the latter is becoming increasingly important with the move to shared/open office space work environments where physical printer security is more of a challenge.
Aside from the security advantages of pull printing, there are the cost reduction opportunities associated with reducing erroneous print. By giving users the ability to delete jobs out of a personal queue after submitting the job, organizations can prevent unnecessary reprints from users that discover a spelling mistake on page 1…
In a world of rapidly evolving security threats and costly data breaches, can you really afford not to take every possible step to mitigate the threat of personal data leaks? Contact LRS to discuss some proactive measures you can take in the struggle to protect document-based information.