Member Article

Nuance Communications’ five ways to improve print security

Have we become complacent about multi-function printers (MFPs)? From a security perspective, the answer is a potential ‘yes’.

For if you were to compile a list of the most vulnerable network access points in the workplace, how many people would think that one of the most prevalent risks has also become the most over-looked?

Today, MFPs are much more than just innocuous boxes in the corner that provide the functions of copy, print and scan; instead, MFPs continue to quietly evolve offering new levels of functionality that – overall – has a positive and welcome impact on both workplace productivity and convenience.

But no organisation can afford to ignore that that convenience comes with a clutch of network vulnerabilities that must be addressed.

To understand the potential threat, it’s time to rethink the MFP, just as the Federal Trade Commission has. In a recent report, it refers to digital copiers as computers.

From a security perspective, that’s probably a valid and not to mention sensible comparison, given that digital copiers and MFPs have more in common with computers than ever before. It is even truer when you think of how multi-faceted MFPs are.

Consider how these devices are being used today. Employees use them as document capture solutions, scanning documents in order to deliver them to their desktops or directly to their contacts via email.

In a bid to enhance their own productivity, IT managers meanwhile rely on automated alerts to let them know when toner is low or a device is in need of repair. Modern MFPs are sophisticated enough to upgrade themselves on the fly thanks to software patches received via the network.

But to facilitate all of this end user convenience, MFPs are reliant on hard drives, embedded firmware, and network connections, just like a PC – and hence the similar vulnerabilities.

Despite that, there are five ways that document workflows can be protected, by carefully securing both the physical and electronic access points associated with MFPs.

In short, if you now view MFPs and print security in the same way you view security on computers and mobile devices, you stand a better chance of making them robust in the event of an attack.

To help get the basics in place for a more secure MPF environment, Nuance Communications has devised these five practical starting points:

1. Insist on user authentication. It is very important to audit, report and track user activity and implement an MFP’s various other security features. Fact is that there is no MFP less secure than one that allows anonymous usage. When left in that state, those devices are susceptible to various forms of abuse, compounding the issue by making the tracing of the source of a data breach or leak, virtually impossible.

2. Centralise the auditing of network activity. Effective auditing will enable the MFP to store tracking information in a database. In the event of a data breach, this security practice gives you the ability to easily track down which device was the source of the breach. Furthermore, it’ll tell you who the authenticated user was, and where the data was sent.

3. Encrypt data to and from MFPs. Modern multi-function devices contain hard drives which are used to cache scanned document images and printed documents. As a result, all non-volatile memory media used to cache data on the device should employ a method of data erasure to protect sensitive information.

4. Enforce the use of trusted network destinations. With incidents of sensitive documents being sent to unintended recipients, it is wise to consider solutions that enable MFPs to validate metadata entered by users. For example, hospitals should enforce the validation of phone numbers entered at the MFP in order to prevent faxing to untrusted numbers.Financial companies should require that email addresses be validated so that documents scanned at an MFP cannot be delivered to non-valid email addresses. Along the same lines, companies that still perform a significant amount of faxing in their day-to-day operations should ensure that their MFPs are making use of secure, PII protected lines. While you may think this sounds like common sense – and, to a degree, it is – it’s still too often overlooked.

5. Implement rules-based printing. As already established, the most secure access begins with user identification at the device, along with the ability to control what each user can or cannot do. For example, rule-based printing should require that users be physically present to initiate a print job (e.g, requiring a proximity smart code to be entered).

While these five steps can have a dramatic impact on your document security, they should be considered a starting point.

To learn what else you can do to create a more secure network environment in the context of multi-function devices, Nuance has devised its document security solutions to help you protect your workplace environment and eliminate many of the risks associated with MFPs and digital copiers.

With so much effort already invested in making your PCs, mobile devices and networks secure, neglecting to do the same with your MFP could unnecessarily undo much of the good work and best security practices that are already in place.

This was posted in Bdaily's Members' News section by Pete Jackson .