Is a False Sense of Print Security Putting Your Data at Risk?

Posted on November 04, 2014

The U.K. analyst firm Quocirca warns that a growing gap between how business leaders and their employees view the value of mobile printing is putting many companies at risk of a costly data breach. In fact, the company says that 66% of financial services firms had at least one print-related security breach, and 90% of public sector organizations had at least one data breach related to printing.

The good news, is that within the financial sector, only one in four of the companies that had a data breach had more than one ? but in the public sector, 35% or one in three had more than one breach related to printing.

Those numbers came from a 2013 survey of European businesses conducted by Quocirca, but Prat Agarwal, director of business development at secure mobile printing leader Breezy, thinks that a North American survey might turn up a similar rate of problems. ?We often see this kind of gap, where employees are eager for a way to securely print from their mobile devices, but top management isn?t convinced that a secure mobile print solution is a priority for investment. It?s changing as more and more businesses become aware of the need to secure mobile devices that connect to their data, but I think Quocirca is right to say that there is a false sense of security around the potential for a print-related data breach.

Facts & Figures to Consider

Everyone in IT knows that a data breach is costly, and that the costs include an erosion of customer trust and reputation as well as the cost of repairing the breach and related legal and regulatory costs. They also understand that they have to balance data security with a suitable level of access to employees, business partners and customers. But, Quocirca says that many IT leaders forget that that much of this information resides on one of the least secure types of media ? the printed document ? at some stage in its lifecycle.

As more businesses move to a shared networked multifunction peripheral (MFP) environment, the risk that unclaimed confidential or sensitive information will fall into the wrong hands ? either accidentally or intentionally ? has risen dramatically. Quocirca research reveals that just 22% of the companies in its survey have implemented secure printing practices for the multi-function printers within their organization. This leaves businesses exposed to data losses; 63% of businesses admit they have experienced one or more print-related data breaches.

Quocirca?s research reveals that just 22% of organizations place a high importance on print security. Some industry segments, such as financial services companies, were much more likely to consider the security of printed documents as a very high priority.

Quocirca_Pie_Chart_Importance_of_Printed_DocumentsDespite the volume and confidential nature of paper documents handled by the public sector, government organizations scored an average of just 2.6 in Quocirca?s rating. This means that just 6% of public sector respondents rated print security as a high priority.

Quocirca_Bar_Chart_on_Print_Security_Importance_by_Sector

Quocirca_Bar_Chart_on_Print-Related_Data_Breaches

Reducing Your Risk

While Breezy?s Agarwal is quick to admit that secure mobile printing is just one facet of the data security needs in most businesses, he says that there are a number of key steps companies can take to reduce the risk of a print-related security breach. And the first step, he says, is recognizing that it?s human behavior that accounts for most print-related data breaches.

?If your employees believe that printing a document is critical to getting the job done, they will print the document,? Agarwal says. ?They aren?t trying to violate company policies or put data at risk ? they just want to get the job done. So if they?re on a business trip, and the latest version of a presentation or contract or other document arrives via email after they leave the office, they will print that wherever they can. It might mean uploading it to an unsecured Cloud service like Dropbox, so they can print it on their home computer, sending it to the printer at the hotel?s business center, or dropping by the local copy shop to use one of their public printers. And that?s when your data is most at risk: when a well-meaning employee is just trying to get the job done.?

Quocirca recommends the following best practices for reducing the risk of a print-related data breach:

  1. Establish a secure printing strategy. Include the printing environment in the overall information security strategy. Ensure that this strategy considers policies, standards and procedures along with technology, resource requirements and training. Different organizations have different security requirements, so adopt a layered approach that begins with basic protection and can be enhanced with advanced capabilities as business needs change.
  2. Consider a managed print service (MPS). A managed print environment is often a key step in consolidating an outdated print infrastructure. Using advisors such as MPS providers and resellers with domain expertise, such as a security specialization, can help businesses match their print security needs with appropriate technology. Improved print security may be possible without a big investment as existing capability is simply not being used.
  3. Secure the device. MFPs contain hard drives, memory, and a CPU. Many even use mainstream operating systems such as Windows and Linux. As a result, many security best practices that apply to network devices apply to MFPs as well, depending on the level of security needed. This includes implementing the blocking of network connections, use of hard disk encryption, hard disk overwrite, secure watermarking and so on. Trusted advisors can help to determine what measures should be implemented depending on the level of security needed.
  4. Implement pull printing across all devices. Look for third party products that can provide a consistent approach across all networked printers and MFPs, and also ensure that all print, copy and scan usage can be tracked and monitored across the device fleet.
  5. Regularly monitor the print infrastructure. Implement continuous monitoring through the use of print tracking and audit tools.

For more information on secure mobile printing, watch this video from Breezy, or download The Definitive Guide to Mobile Printing, a free ebook from Breezy.

Easy to deploy and manage

Customers report that Breezy installations are among the easiest they’ve ever seen for an enterprise product.