Category Archives: Print Security

What is Secure Printing?

secure printer

Secure and printing are not two words that are often in the same sentence or understood when placed together. However, with GDPR law now firmly in place businesses cannot afford to be complacent about printing securely.

Whilst security has become important for businesses, less than 25% have adopted secure printing practises, and this problem is becoming bigger.

Quocirca recently reported the many vulnerabilities around print and that now in the era of advanced connectivity and our ability to collect, process and store large volumes of data, the photocopier or printer has become the weak link in security and no longer can we ignore this. Quocirca quotes that 61% of large Companies have admitted to suffering a data breach. Therefore, now is the time to be proactive in your printing equipment and evaluate the security of your print environment. Discussing this with a print supplier will mean that they can recommend the appropriate hardware and software that means your business is secure, as well as offer education to your employees and help you implement printing practises.

As a business it is important to assess the following things:

  1. Access: Can confidential documents be accessed in your organisation. Who has access, and do you have controls in place to manage this information and track it?
  2. Policy: Do you have a security policy in place for accessing and printing to the network including the multifunction printers?
  3. Guidelines: Do your employees have any guidelines in place for printing securely and how do you monitor that they are adhering to this?
  4. Network security: Do you have firmware and has this been implemented?
  5. Procedure assurance: are you alerted if a device fails the security policy? How do you identify the weakness?
  6. Vulnerability: Does your printer pose as a security issue? Could you be a potential target for hacking or data to be stolen?
  7. Printer compliance: Given you have network security, do your printers comply? How can you check and resolve this?
  8. Reporting: Do you receive reports on the security of your hardware and software? If something isn’t complying, how are you informed so that you can resolve the issue?
  9. Mobile: Do you have a mobile work force that needs to access the network and print?
  10. Configuration of security: Has there been any changes to the firmware you have already installed? Are you up to date?

A printer supplier will be able to help you answer all these questions and help you implement a policy, along with the correct equipment that will help you make your printing environment secure. At Mode we follow this principle:

  • Security strategy: integrate printers and all hardware to be part of your overall security strategy
  • Policy: ensure that you have a policy in place that includes printers so that in the event of a data breach, you can demonstrate under GDPR, that you have taken every necessary step to limit any breach and secure and protect all devices.
  • Secure the devices: make sure your hardware has encrypted hard drives this offers another layer of security and ensure that when that equipment is disposed of, that all data is wiped.
  • Secure Access: ensure there is no unauthorised use of the hardware allowed. No unclaimed print outs on the printers, only allow print jobs to be released when the author is at the machine.
  • Monitor and manage: You need a centralised and flexible way to manage and monitor the security of your print fleet. There are auditing tools available that can track usage at user level. Multifunctional devices are excellent for this, and you can see who has printed what and when.
  • Seek advice: Printer suppliers are the experts in achieving this and can offer you the best way to protect the data your business is holding.

If you are seeking advice on this, why not take a look at our Secure Printing section on our website: https://www.modeprintsolutions.co.uk/secure-printing/ or alternatively contact us on 0345 223 2203 or enquiries@modeprintsolutions.co.uk

Security in the Printing Environment

printing

Businesses cannot forget that GDPR came into Law this May. However, whilst office equipment has significantly improved over the years in terms of functionality and security, many companies still have outdated equipment that could be a potential security issue.

People often don’t associate printing with security breaches, however as cyber criminals increase in sophistication, often network firewalls and printers are insufficient in providing businesses the security they need.

You may think that that equipment is just a box in the corner of your office that allows you to print and copy but this is how your box can be putting your business at risk:

  1. Storage: devices that record images and print them are effectively storing sensitive information on the internal disks or hard drives. These can be accessed if this is not protected.
  2. Capture: These printers can easily capture and route to many destinations if hacked, potentially exposing sensitive data.
  3. Cloud Control Panel: If your cloud connectivity is unsecured, then unauthorised users could access this.
  4. Machines Control panel: Users can exploit the settings on printers from an unprotected control panel with the potential to even disable the device, making this a real security threat.
  5. Input tray: Often sensitive documents can be left at the input tray and these can be easily stolen.
  6. Output tray: This is the most common security breach, Left, unwanted print-outs that can potentially have sensitive data on and these can easily fall into the wrong hands!
  7. USB ports: Cyber criminals can easily access the printer via an unsecured USB or network ports.
  8. Network: Your network can be intercepted as your data travels from your computer to the machine unless your firewall is secure.
  9. Mobile Printing: if you have employees printing from their mobile devices, this could cause a breach because unwanted print-outs may end up being left on the machine. Many people may have access to your office and data that needs to be protected may be left exposed.
  10. Bios and Firmware: This is effectively the “Brains” of your device. It tells the printer what to do and potentially is a huge security breach waiting to happen. If you have a newer machine, this will receive updates to the Bios and Firmware, however, if it is an older printer it will probably not be updated therefore leaving your printer as a security risk.
  11. Hard drive: If your hard drive is not encrypted then ultimately you are inviting hackers to gain access to your printing devices and obtain your sensitive information.

Multifunctional devices are equipped now to ensure that your printing has the highest security. Benefits include:

  • Multifunctional Printers (or MFP’s), have more than 250 security settings
  • Follow me printing: Print jobs not released until the owner is at the machine and has accessed it via a code/user name or card.
  • Real time threat detection
  • Security improved: not only just your printer benefits from improved security but your network will benefit from using this type of device.
  • Hard drive protection & encryption

Why don’t you talk to Mode today about how we can help your printers have the best security, so your business is not at threat any more.

Could This Be the Year for Your Business to Review its Security Measures?

2018 has been ear marked as the year as having the potential to be worse for cyber-attacks.

This bold statement has been substantiated by a survey commissioned by Acronis (leading experts in data protection and storage), based on evidence in 2017 where ransomware variants have seen an increase of 46% meaning that detection is now more challenging.

It is now apparent that high quality, secure backup solutions are necessary for businesses to protect against ransomware to ensure the risk to losing data is minimal and devices are secure.

If, as a business, your understanding of ransomware is limited, it is essential you educate yourselves now, as the cost to your business will only increase. Criminals in this field have fine tuned their skills and continue to take advantage of flaws in security where they are able to by-pass anti-virus software, meaning attack is almost undetectable. Also, if you are sophisticated in this area, the ransomware criminals are now developing new sways of targeting back up files and software. Most people in business are still unaware that ransomware can encrypt files and backups!

The most recent attacks are testament that many businesses are underestimating the capabilities of these criminals.

So, what can you do?

  1. Back up your important data: Store your data locally and in the cloud
  2. Keep everything up to date: This includes software as well as operating systems. It stops criminals entering your systems through any security holes!
  3. Ensure Anti-virus is updated regularly: Ensure that all updates are enabled
  4. Be suspicious: if an email doesn’t look right with dubious links or attachments, then don’t open it!

Security is key within all your systems and keeping up to date and using IT experts to help with this will ultimately ensure cyber criminals are kept at bay!

Is Your Business Secure from Attack?

firewall

Cyber attack reports have been such hot topics lately with some high-profile cases being reported. Most recently in the light of the new GDPR law and the ever-increasing sophistication of hackers, it is even more important that your systems are secure. However, this comes and a cost and more often, SME’s are over looking this essential part of security due to cost.

These are Mode’s tips:

Not all data is equal: Your business will hold employee data, client data, product, services data. All needs to be treated differently and held securely.

Data Back up: this needs to be done on regular basis. A back up is regular copying, reorganising and storing of all digital information. This can be physically stored or stored in the cloud or on a dedicated server.

Data recovery: This is the process of recovering data that may be no longer accessible or lost due to corrupted or damaged storage. Regular data back-ups relieve this data recovery process, but both are an essential element of protection.

Virus and Spam protection: Virus and malware replicates itself into other programs or files and their intentions are malicious. If undetected, they could easily damage data by corrupting or accessing private information, spread spam and leak confidential information that could harm your business.

Firewall: This is an essential network security system. The Firewall monitors traffic and controls it based on security rules. It’s essentially a barrier between your internal network and any external networks (e.g. Internet). This will restrict access of incoming and outgoing traffic that is suspicious, prevent infections and spreading of malware. Network firewalls run on computer hardware, host-based firewalls are software based and control traffic on the computer its installed on.

Whilst your business may not be able to afford an IT department to important these procedures, it is essential to engage an IT company to ensure that these steps are taken to protect your information, as if not, the cost to your business could be far greater.

The Benefits of Secure Follow Me Printing

With increasing concerns surrounding the security of our personal data, it is no surprise that organisations are beginning to evaluate all of their office and IT security, with one area of interest being secure printing.

So what exactly is secure follow me printing…?

Secure follow me printing allows the user to send a print job to a printer, but requires authentication from the user at the point of collection.

There are many benefits to installing a secure follow me printing solution. Read on below to find out more…

 

  • Improved security

Whether you have a legal department in house, or work for a private company where you would like to ensure that your company accounts are kept confidential, secure printing is an essential way to maintain data security. Many offices need secure printing, even if they don’t work in an industry that has confidentiality requirements.

  • Reduce printing costs

Follow me printing can help to reduce printing costs, because employees are required to release their print jobs at the printer, ensuring there is no wasted or accidental print outs.

  • Happier helpdesk

With follow me printing, system administrators are no longer required to manage print queues, giving them more time to focus on other important tasks.

  • Environmentally friendly

Follow me printing can help to promote environmentally friendly printing behaviour. For example, you can set up individual print profiles, which allow you to select double sided or black and white printing.

Is There Still Confusion Over GDPR?

Mode is in the process of preparing for the new GDPR law that will be implemented on May 25th, 2018 and supporting our clients through this transition and what it means for all businesses.

Recap: What is GDPR

  • New law that will replace the Data protection Act
  • It will require all business dealing with any EU business whether they are in the EU or not to:
    • All data must be obtained by consent
    • If requested by the individual, all data will have to be deleted upon request
    • Companies must detail what personal data they hold, how it is processed
    • Certain business will have to have a Data Protection officer
    • Data breaches will have to be reported to Supervisory Authorities within 72 hours of the breach
    • Failure to comply is potentially a fine of 4% of annual turnover or 20Million euros whichever is greater.

However, it is still apparent that confusion remains with many businesses, about what GDPR will mean to them and the impact on their processes.

IN 2016, Dell conducted research to see how well-prepared SMB’s and large enterprises were for the new law this year. This research was conducted across Europe. It indicated then some interesting findings:

  • 80% of respondents knew few details or nothing about GDPR
  • 97% had no plan
  • Only 9% of IT and Business professionals were fully prepared for GDPR
  • 70% of respondents had said that they are not or do not know if they are prepared.
  • 90% said their existing processes would not satisfy the new GDPR requirements.

However, Mode recently reviewed some more current research by Collyer Bristow (as featured in SmallBusiness.co.uk in October 2017 ) and discovered that businesses understanding of GDPR has improved but not to the extent that you would expect for a law that will due to be implemented in under 4 months:

  • 57% senior management have little or no direct involvement with data protection
  • 34% of businesses have no plans to perform a data risk assessment in 2017
  • 23% of businesses have no data breach contingency in place
  • 20% of businesses still have not taken steps to prepare for GDPR

So Why is There Still So Much Confusion Over GDPR?

An article in ITProPortal published in 31st January speculates that many companies have their “head in the sand” despite the plethora of consultants and industry commentators warnings!

Mode Recommends What We All Need to Do Now!

  • Implementing GDPR is a board-level issue and compliance must be agreed at this level
  • Businesses need to understand what data they hold, need and what is collected.
  • Decide what data is processed and whether your business needs to collect or retain the data.
  • Have processes in place that will allow you to delete data with confidence
  • Review how the flow of personal data proceeds through your organisation and how its processed, stored, secured and deleted.
  • Ascertain whether your current security policies are adequate to offer protection against unauthorised access and data loss.
  • Review any potential breach areas and whether your business has the tools to investigate any compromises.
  • Adopt an “end-to-end Security” approach, which will allow your business to guarantee a full life cycle of protection of personal data, which will include the creation and storage od data until the time it becomes obsolete.

Follow These Steps:

  1. Prepare: understand the personal data you hold and the potential risks
  2. Protect: Protect personal data from malicious attacks and misuse
  3. Detect: Provide rapid detection, understand the impact of any breach
  4. Respond: Respond efficiently and effectively to be compliant and mitigate any risk.

With the new law coming in under 4 months, it’s essential that companies act now to ensure we are all prepared for GDPR.

How Can SMEs Stay Safe From Cyber-Attacks?

Anti Virus Software

There have been several reports in the press recently discussing the successful cyber-attacks on high profile companies, including the NHS.

Does this mean that SME’s are at more risk now that well-known brands are being successfully attacked, and if so, how can they defend themselves? Mode wanted to address these concerns by providing tips that will help SME’s stay guarded from the increasing cyber security threat.

Two-thirds of businesses have been victims of cybercrime. However, one in four owners have admitted that they aren’t up to date on cyber security measures.

What are the priorities?

Data is the most valuable asset any business holds. Many of your electronic devices store data, such as laptops, PCs, photocopiers etc. It is rare that hackers can access data directly; typically they look to compromise end points and specific accounts. Therefore, SME’s should invest in some form of protection, such as NGAV (Next Generation Anti-Virus) and multi-factor authentication.

SME’s are often limited in financial resources and security can be costly, however, investing in sufficient anti-virus could ultimately prevent unnecessary financial stress.

Mode’s tips for Cyber Security:

  1. Review the data that your business holds to identify which assets need extra protection. Look at which 3rd parties can access it and identify whether data is adequately backed up. Consider encrypting any sensitive data or reducing network access to certain users, particularly for remote workers.
  2. Stay secure with regular IT updates and Anti-Malware updates. Recent research indicated that a third of SME owners aren’t keeping up to date with the latest IT regulations that could leave them vulnerable to attacks. Make sure you have Anti-Virus Software.
  3. Train staff. Limiting the threat is crucial. A third of employees have access to Facebook and other social media platforms whilst at work, and as half of SME’s do not provide their team with internet and computer guidelines, education is key to limit external threats. Make sure your employees know how to protect their personal information and how to behave on social media so that the company’s information does not end up on social networks.
  4. Secure your business with good passwords. Elaborate passwords ensure the protection of your data, so invest time into making a pool of passwords that you will alternate each month. The passwords should be kept in your head or only passed to trusted employees.
  5. Only use secure methods of payment. Do thorough research before establishing partner relations with different payment companies. To keep your business’ financial status secure, you need a reliable company that you can trust. The same goes with credit card information for your customers.
  6. Create back-ups. Your business can suffer negative consequences, such as a loss of a client database or budget information leakage if information is lost.
  7. Limit mobility of company computers. Do not allow employees to take computers home. A good idea would be to allow only the reasonable use of mobile devices so that information is not copied to many devices where you cannot keep track.
  8. Check the level of technical support you have. It isn’t always possible for an SME to have the resource of a dedicated IT Engineer. Outsourcing is the most practical idea to ensure the right controls are in place and that you have a trusted expert to resolve any issues.
  9. Run regular checks. SME’s must check the effectiveness of their procedures against cyber-attacks and manage any changes in risk levels.
  10. Have a plan in place. Ensure that, should you be attacked, you are able to limit the disruption to your business.

Mode offers many solutions to protect against cyber-attacks. Contact us today for more information.

The Office of the Future – A Global Workforce

home office

There can be no doubt about the fact that the face of business is changing at so rapid a pace, that some aspects of it may be almost unrecognisable to us in as little as a decade.

Businesses today vary of course in the extent to which they have embraced information technology; some industries are built upon being at the forefront of the latest, whilst others continue to coast along using their old, tried and tested methods of working but the fact remains that the way people use the internet is changing.

Flexibility equals security

Take for example the fact that young people under the age of 18 are among the least likely to use email as a means of communication. This is a good indicator that email is increasingly being seen as obsolete as an effective means of communication. Instead, cloud messaging continues to grow as the preferred method of communication due to its ability to link all devices within a network and free people from site-based communication technologies.

As Millennials begin to enter a workplace which in some cases is still committed to using outmoded methods of communication, organisation, storage, and processing, many of which will be completely unfamiliar or irrelevant to them, these methods will become more obviously outmoded and these same young employees who do not have the same associations or habits with regard to dated communications which are held by their seniors, will be confounded and likely frustrated by the customs which linger.

The slower or less secure methods of working will continue to be dropped by those entering the workforce, in favour of the fastest, the safest, and the most convenient. This could mean complete digitization and probably an almost total reliance on cloud computing.

Home workers usher in a new age

The development and improved reliability of technology has also had an impact in the amount of individuals choosing to conduct their work from home; either via an agreement with their employer or as a freelancer.

For freelancers, finding work, promoting their services and managing their workload from the comfort of their own home has become more convenient than dealing with a morning commute and of course it makes financial sense for businesses to use freelancers both in terms of expanding their stable of talent and saving money on the costs of employment.

The figures for the growth in those working from home in the UK have risen to previously unseen levels and in 2014 there were no less than 4.2 million people working out of their own homes; this is no less than 13.9% of the total workforce.

With numbers predicted to rise exponentially and people keen to benefit from the perceived benefits of a work-from-home lifestyle, the office of the future may not in fact be an office…it could be many, many thousands of them, creating a global workforce each responsible for their own data security and financial management.

Developments in Secure Printing for Business

'Security' in print

In our last blog we discussed the evolution of secure printing, citing examples in the last five years of security breaches as well as the current data on number of breaches and the expense this is causing organisations in the UK.

Why Invest in Security Printing?

Security breaches are not only expensive and fatal to businesses; they represent a breach in the legal requirement of many industries to maintain data security. Secure printing is an integral part of sound business security practices.

What is Being Offered in Security Printing

A number of security options are available in the field of secure printing. Toshiba offers options that are simple to use, including user authentication, self-encryption HDD, security pattern printing, access logs, access controls, IP/MAC address filtering, private print, data overwriting and encrypted PDFs.

Xerox holds a job in queue until you release it with a passcode. It also has a Print Security Audit Service, which can monitor whether company printers are used in alignment with company policy. Other options include overwriting, data encryption, embedded faxes and removeable hard drives.

Ricoh is another secure printing option, offering FlexRelease servers, a cord authentication package, an enhanced Locked Print NX, and a Smart Device Monitor for auditing and reporting on usage.

PaperCut also offers secure printing that can be released only by the user. It tracks and records what is being printed and by whom through user based reports.

Lexmark features a secure print release with id card, or by entering credentials. It has document accounting tools which can measure print quotas, and the printer can restrict access to users.

First Steps in Security Printing for Business

The first step in security printing for business is to work with a reputable, experienced print and digital technology agency to come up with a print management solution that satisfies your business requirements and security obligations.

Security can be a problem in this expanding technological world. Fortunately, there is a solution waiting for your business.

At Mode Print Solutions, we are always available to help develop a print management solution that will enable you to have secure printing within your business, as well as the peace of mind that comes with it.  Contact Mode to get started today.

© MODE 2018
Site Map | Privacy Policy | Cookies |Design: Innermedia