Security breaches are constantly in the news. From hacks, to breaches to identity theft, it’s an ongoing challenge to secure your information.
So when GDPR was introduced 12 months ago, it definitely changed the face of business security forever. With all the complications, additional responsibility and legislation, it’s mainly a positive direction for the protection of the most valuable asset in your business.
However, there’s a piece of office equipment that although critical is often overlooked as a security breach. It has access to customer information, sensitive and classified information and in the worse case, it’s a gateway into our business mainframe.
Sometimes referred to as ‘the printer’, ‘the copier’, ‘xerox machine’ or even the ‘multifunctional device’ (MFD), this essential office tool is vulnerable to attacks, as they’re either physically or wirelessly linked inside, and often, outside of your organisation. This growing demand for connectivity, ease of use and flexibility, blurring the boundaries of consumer and work environments has left ourselves, our data and the company exposed to malicious activities.
So what can be done and what should we do to make sure this is considered? Well, these options can and should be addressed, as you did with GDPR, the protection should be seen as an extension to your existing policy. Start by analysis, and review where your devices are and how each is open to the networks. By establishing access points into your system from internal pathways, it can help show you where there may be holes from the outside.
Also depending on what these printer or copiers are being used for may establish other weaknesses. For example, if you are scanning from or into cloud solutions like Dropbox, Microsoft 365 or SharePoint, how are users authenticating themselves, how are they accessing information and what controls are in place to view folders, records or documents? Is there an audit trail for users logging in, removing documents or making changes?
It can seem complex, and in truth it really can be, but there are tools available, add-ons to the equipment, or additional software solutions that can help build greater control into your document workflow. Something your business should definitely consider now or as part of reviewing all document (hardware) infrastructure.
Need some help? Let Temple Knight guide you through this practice and trust in our 30+ years of experience we have in providing clients with the right solution.
By James Young
