Protecting an Organization’s Most Important Asset: Information29 May, 2014 By: Don Dixon, Xerox
There’s no question that the workplace is changing. In fact, it’s not really a place at all—work happens in the office, at home and on the go. How work gets done is changing just as rapidly, driven by cloud access, social media, virtual collaboration and other technologies and communication vehicles.
With all of these changes in play, it’s no surprise that securing information is even more critical as it scales across paper, digital, the cloud and social networks. How can organizations tackle the challenge to access, protect and capitalize on their intellectual assets?? It’s no easy task. Getting the right information to the right employee at the right time, and in a secure way, is a huge benefit to organizations. But with an always-connected workforce and this deluge of new information being created, security threats have become increasingly sophisticated and prevalent.
Securing intellectual property, printers and multifunction devices
When speaking with CIOs, I’ve found their concern is growing as it relates to managing the vast amount of devices and protecting a company’s data from cyber-attacks. It comes as a surprise to many people that any embedded device – from an iPad to a desktop computer or an MRI machine to a smart refrigerator – is vulnerable. Businesses today are well aware of the risks associated with PCs, servers and computer networks, but what about securing printers and multifunction devices, and the intellectual property that flows through them every day? These aren’t typically top of mind, but if proper security isn’t in place, these devices can compromise an entire infrastructure.
Insider threats are among the biggest security risks, whether from employee carelessness or lack of knowledge about security procedures; inadequately managed printers and multifunction devices are at the top of the list. In fact, a 2012 Xerox McAfee study found that 87 percent of employees work at a company that has an IT security policy – however, one in ten rarely or never follow the policy and two in ten aren’t even aware a policy exists. The security risks associated with these devices run the gamut from the disgruntled employee who uses scan-to-email to distribute sensitive company documents to a personnel file sitting in an output tray.
Managing and securing documents and information must be part of a company’s core business processes and should be fully integrated into the IT infrastructure. However, most don’t even know how many devices they have, how they are being used and if they are even the correct solutions for their business. Therefore, they have no visibility into whether printers are presenting a security threat because of misuse.
Managed service providers helping to ensure security
Managed service providers (MSPs) can help companies achieve a level of security while information travels between employees through the infrastructure and can raise awareness about the risks related to printers and documents. Using managed print services (MPS), they can help secure an environment by managing a company’s devices, analyzing their printer environment and developing a customized plan to not only maximize device usage, but increase workplace productivity.
Without the proper security measures in place, a company’s information can get hacked. So, it’s even more critical to protect customer information, and to comply with government regulations like HIPAA and Sarbanes-Oxley. Putting the right technology and processes in place is essential to help with security protocols and secure print practices.
MSPs are well positioned to help enterprises, healthcare providers, educational institutions and government agencies effectively address these concerns and ensure that printers are not a weak link when it comes to security. There are a number of printer security tools and techniques within MPS that any organization can take to seamlessly increase security and safeguard against threats:
• Access controls – Instead of allowing sensitive documents to sit unattended in output trays, networked MFPs and printers hold the print job until the user enters the security code and stands ready to retrieve.
• Encryption technology – This standard security capability scrambles data stored on the hard drives of printers and MFPs as an extra safeguard to ensure critical information doesn’t become accessible to unauthorized users.
• Usage policies – Additional security is enabled by limiting scan-to-email and other settings on MFPs that prevent the devices from becoming conduits for distributing sensitive data.
• Auditing software – MSPs can create reports about device usage and provide audit trails in case of suspicious activities.
• Easy-to-use interface – Tools and dashboards can make security processes effortless – enabling employees to be more productive, collaborative and innovative.
A security breach leads to a drain on productivity, costly workflow disruptions, loss of irreplaceable intellectual property, and for some companies, a significant liability resulting in fines and lawsuits that can amount to millions of dollars.
Critical intellectual capital is as good as gone when employees can’t find or access it when it matters most. Security solutions offered as part of an MPS deployment eradicate that risk and put information to work, helping enterprises maximize it to improve the capabilities in their marketplace, whether it’s making better products for their customers or delivering a better service themselves.
Security solutions offered as part of an MPS deployment eradicate risk & put information to work.
Don Dixon has 27+ years in the office and production printing markets, with experience in office imaging and printing services, solutions & product arena. At Xerox he leads the Global Document Outsourcing Business Group, driving revenue/profit growth for Xerox’s MPS & Centralized Print Services offerings. Prior to Xerox, he served as HP’s chief strategist for its worldwide MPS business, and 10 years at Gartner as an imaging & printing analyst/research director. Visit http://www.xerox.com for company information.