Category Archives: Print Security

Is There Still Confusion Over GDPR?

Mode is in the process of preparing for the new GDPR law that will be implemented on May 25th, 2018 and supporting our clients through this transition and what it means for all businesses.

Recap: What is GDPR

  • New law that will replace the Data protection Act
  • It will require all business dealing with any EU business whether they are in the EU or not to:
    • All data must be obtained by consent
    • If requested by the individual, all data will have to be deleted upon request
    • Companies must detail what personal data they hold, how it is processed
    • Certain business will have to have a Data Protection officer
    • Data breaches will have to be reported to Supervisory Authorities within 72 hours of the breach
    • Failure to comply is potentially a fine of 4% of annual turnover or 20Million euros whichever is greater.

However, it is still apparent that confusion remains with many businesses, about what GDPR will mean to them and the impact on their processes.

IN 2016, Dell conducted research to see how well-prepared SMB’s and large enterprises were for the new law this year. This research was conducted across Europe. It indicated then some interesting findings:

  • 80% of respondents knew few details or nothing about GDPR
  • 97% had no plan
  • Only 9% of IT and Business professionals were fully prepared for GDPR
  • 70% of respondents had said that they are not or do not know if they are prepared.
  • 90% said their existing processes would not satisfy the new GDPR requirements.

However, Mode recently reviewed some more current research by Collyer Bristow (as featured in SmallBusiness.co.uk in October 2017 ) and discovered that businesses understanding of GDPR has improved but not to the extent that you would expect for a law that will due to be implemented in under 4 months:

  • 57% senior management have little or no direct involvement with data protection
  • 34% of businesses have no plans to perform a data risk assessment in 2017
  • 23% of businesses have no data breach contingency in place
  • 20% of businesses still have not taken steps to prepare for GDPR

So Why is There Still So Much Confusion Over GDPR?

An article in ITProPortal published in 31st January speculates that many companies have their “head in the sand” despite the plethora of consultants and industry commentators warnings!

Mode Recommends What We All Need to Do Now!

  • Implementing GDPR is a board-level issue and compliance must be agreed at this level
  • Businesses need to understand what data they hold, need and what is collected.
  • Decide what data is processed and whether your business needs to collect or retain the data.
  • Have processes in place that will allow you to delete data with confidence
  • Review how the flow of personal data proceeds through your organisation and how its processed, stored, secured and deleted.
  • Ascertain whether your current security policies are adequate to offer protection against unauthorised access and data loss.
  • Review any potential breach areas and whether your business has the tools to investigate any compromises.
  • Adopt an “end-to-end Security” approach, which will allow your business to guarantee a full life cycle of protection of personal data, which will include the creation and storage od data until the time it becomes obsolete.

Follow These Steps:

  1. Prepare: understand the personal data you hold and the potential risks
  2. Protect: Protect personal data from malicious attacks and misuse
  3. Detect: Provide rapid detection, understand the impact of any breach
  4. Respond: Respond efficiently and effectively to be compliant and mitigate any risk.

With the new law coming in under 4 months, it’s essential that companies act now to ensure we are all prepared for GDPR.

How Can SMEs Stay Safe From Cyber-Attacks?

Anti Virus Software

There have been several reports in the press recently discussing the successful cyber-attacks on high profile companies, including the NHS.

Does this mean that SME’s are at more risk now that well-known brands are being successfully attacked, and if so, how can they defend themselves? Mode wanted to address these concerns by providing tips that will help SME’s stay guarded from the increasing cyber security threat.

Two-thirds of businesses have been victims of cybercrime. However, one in four owners have admitted that they aren’t up to date on cyber security measures.

What are the priorities?

Data is the most valuable asset any business holds. Many of your electronic devices store data, such as laptops, PCs, photocopiers etc. It is rare that hackers can access data directly; typically they look to compromise end points and specific accounts. Therefore, SME’s should invest in some form of protection, such as NGAV (Next Generation Anti-Virus) and multi-factor authentication.

SME’s are often limited in financial resources and security can be costly, however, investing in sufficient anti-virus could ultimately prevent unnecessary financial stress.

Mode’s tips for Cyber Security:

  1. Review the data that your business holds to identify which assets need extra protection. Look at which 3rd parties can access it and identify whether data is adequately backed up. Consider encrypting any sensitive data or reducing network access to certain users, particularly for remote workers.
  2. Stay secure with regular IT updates and Anti-Malware updates. Recent research indicated that a third of SME owners aren’t keeping up to date with the latest IT regulations that could leave them vulnerable to attacks. Make sure you have Anti-Virus Software.
  3. Train staff. Limiting the threat is crucial. A third of employees have access to Facebook and other social media platforms whilst at work, and as half of SME’s do not provide their team with internet and computer guidelines, education is key to limit external threats. Make sure your employees know how to protect their personal information and how to behave on social media so that the company’s information does not end up on social networks.
  4. Secure your business with good passwords. Elaborate passwords ensure the protection of your data, so invest time into making a pool of passwords that you will alternate each month. The passwords should be kept in your head or only passed to trusted employees.
  5. Only use secure methods of payment. Do thorough research before establishing partner relations with different payment companies. To keep your business’ financial status secure, you need a reliable company that you can trust. The same goes with credit card information for your customers.
  6. Create back-ups. Your business can suffer negative consequences, such as a loss of a client database or budget information leakage if information is lost.
  7. Limit mobility of company computers. Do not allow employees to take computers home. A good idea would be to allow only the reasonable use of mobile devices so that information is not copied to many devices where you cannot keep track.
  8. Check the level of technical support you have. It isn’t always possible for an SME to have the resource of a dedicated IT Engineer. Outsourcing is the most practical idea to ensure the right controls are in place and that you have a trusted expert to resolve any issues.
  9. Run regular checks. SME’s must check the effectiveness of their procedures against cyber-attacks and manage any changes in risk levels.
  10. Have a plan in place. Ensure that, should you be attacked, you are able to limit the disruption to your business.

Mode offers many solutions to protect against cyber-attacks. Contact us today for more information.

The Office of the Future – A Global Workforce

home office

There can be no doubt about the fact that the face of business is changing at so rapid a pace, that some aspects of it may be almost unrecognisable to us in as little as a decade.

Businesses today vary of course in the extent to which they have embraced information technology; some industries are built upon being at the forefront of the latest, whilst others continue to coast along using their old, tried and tested methods of working but the fact remains that the way people use the internet is changing.

Flexibility equals security

Take for example the fact that young people under the age of 18 are among the least likely to use email as a means of communication. This is a good indicator that email is increasingly being seen as obsolete as an effective means of communication. Instead, cloud messaging continues to grow as the preferred method of communication due to its ability to link all devices within a network and free people from site-based communication technologies.

As Millennials begin to enter a workplace which in some cases is still committed to using outmoded methods of communication, organisation, storage, and processing, many of which will be completely unfamiliar or irrelevant to them, these methods will become more obviously outmoded and these same young employees who do not have the same associations or habits with regard to dated communications which are held by their seniors, will be confounded and likely frustrated by the customs which linger.

The slower or less secure methods of working will continue to be dropped by those entering the workforce, in favour of the fastest, the safest, and the most convenient. This could mean complete digitization and probably an almost total reliance on cloud computing.

Home workers usher in a new age

The development and improved reliability of technology has also had an impact in the amount of individuals choosing to conduct their work from home; either via an agreement with their employer or as a freelancer.

For freelancers, finding work, promoting their services and managing their workload from the comfort of their own home has become more convenient than dealing with a morning commute and of course it makes financial sense for businesses to use freelancers both in terms of expanding their stable of talent and saving money on the costs of employment.

The figures for the growth in those working from home in the UK have risen to previously unseen levels and in 2014 there were no less than 4.2 million people working out of their own homes; this is no less than 13.9% of the total workforce.

With numbers predicted to rise exponentially and people keen to benefit from the perceived benefits of a work-from-home lifestyle, the office of the future may not in fact be an office…it could be many, many thousands of them, creating a global workforce each responsible for their own data security and financial management.

Developments in Secure Printing for Business

'Security' in print

In our last blog we discussed the evolution of secure printing, citing examples in the last five years of security breaches as well as the current data on number of breaches and the expense this is causing organisations in the UK.

Why Invest in Security Printing?

Security breaches are not only expensive and fatal to businesses; they represent a breach in the legal requirement of many industries to maintain data security. Secure printing is an integral part of sound business security practices.

What is Being Offered in Security Printing

A number of security options are available in the field of secure printing. Toshiba offers options that are simple to use, including user authentication, self-encryption HDD, security pattern printing, access logs, access controls, IP/MAC address filtering, private print, data overwriting and encrypted PDFs.

Xerox holds a job in queue until you release it with a passcode. It also has a Print Security Audit Service, which can monitor whether company printers are used in alignment with company policy. Other options include overwriting, data encryption, embedded faxes and removeable hard drives.

Ricoh is another secure printing option, offering FlexRelease servers, a cord authentication package, an enhanced Locked Print NX, and a Smart Device Monitor for auditing and reporting on usage.

PaperCut also offers secure printing that can be released only by the user. It tracks and records what is being printed and by whom through user based reports.

Lexmark features a secure print release with id card, or by entering credentials. It has document accounting tools which can measure print quotas, and the printer can restrict access to users.

First Steps in Security Printing for Business

The first step in security printing for business is to work with a reputable, experienced print and digital technology agency to come up with a print management solution that satisfies your business requirements and security obligations.

Security can be a problem in this expanding technological world. Fortunately, there is a solution waiting for your business.

At Mode Print Solutions, we are always available to help develop a print management solution that will enable you to have secure printing within your business, as well as the peace of mind that comes with it.  Contact Mode to get started today.

The Evolution of Security Printing

'printing industry' in blue letters

With few exceptions, printers built since 2002 contain hard drives, much like your personal and business computers.  These hard drives contain every document you have ever scanned, copied or emailed. This article discusses the progression of security printing and what your company can do to protect itself in a world of increasing data breaches.

An Investigation on Secure Printing

In 2010, a landmark expose in the United States was presented by CBS News entitled Digital Photocopiers Loaded With Secrets.  In it, the feature described the average business printer as ‘a digital time-bomb packed with highly personal or sensitive data.’

A news team went to one of 25 warehouses in the country to test their ability to access personal and ‘restricted’ information from the hard drives of printers.  Some information were used to pick from a selection of about 6,000 printers, including the amount of pages printed and the price of the printer.  Four printers were chosen and approximately $300 was paid for each.

In 30 minutes the hard drives were taken from the printers and a free forensic software program scanned tens of thousands of documents in under 12 hours.

Documents found included:

  • Domestic violence complaints and a list of wanted sex offenders from a Buffalo, NY Police Sex Crimes Division
  • Targets in a drugs raid from the Buffalo Police Narcotics Unit
  • 95 pages of pay stubs complete with names, addresses, social security numbers and $40,000 in photocopied checks from a New York Construction company.
  • 300 pages of medical records from a New York Insurance Company that included blood test results, cancer diagnoses, and drug prescriptions.

This article is consistently quoted in the security printing industry because the results were so substantial.  The report alludes to a breach in national as well as personal security when it mentions that 2 shipping containers were being loaded with used copiers from that same warehouse and headed to Argentina and Singapore.

Hacks on UK Businesses Fall Slightly, yet Grow in Expense

Fast forward to a 2015 article in Print Week entitled ‘Sloppy Security is Making Printing Companies Targets for Cyber Criminals’.  Initially, the news in good.  The Information Security Breaches Survey 2014, authorised by the Department for Business, Innovation and Skills indicated that the number of large leaks in organisations in the UK decreased from 86% in 2013 to 81% in 2014.  A five percent reduction is certainly good, but it leaves a lot of room for improvement.

Furthermore, data leaks are growing in expense, as quoted by Print Week author Simon Creasey, who states, ‘…while the number of attacks might be decreasing, on the flipside, the average cost of breaches increased significantly for the third year running. For small organisations the worst breaches cost between £65,000-£115,000 on average and for large organisations in the region of £600,000-£1.15m – any company, large or small, found guilty of contravening the Data Protection Act 1998 could be fined a flat rate of £500,000’.

The repercussions of security breaches are expensive and can damage the reputation of businesses.  Colin Tankard, managing director at the secure  data management company Digital Pathways states, ‘If you lose someone’s data they’re not going to use you anymore and word will get around, so you could end up going out of business’.

What to Do To Prevent Security Breaches

The effects of data leakage are substantial and potentially fatal for businesses.  However, the solution is rather simple.  Quocirca research indicates that a security assessment significantly reduces your chance for data loss.  The next step includes implementing managed print solutions for your business.

Modern printers for business are offering options such as removeable hard drives, anti virus software, and secure release printing which restricts access to anyone but the user by requiring a passcode, or access card.  There are image overwrite options, embedded faxes and auditing services that can tell you how much different departments or individuals are printing and what information is being printed.

The money invested in these solutions can be made back in the reduction of print spending, often eaten up by unclaimed print documents.  Overall these measures are not only crucial for business security, they are a responsible, cost effective, green printing solution that benefits everyone.

© MODE 2018
Site Map | Privacy Policy | Cookies |Design: Innermedia