For all of the discussions and good intentions of the paperless workplace, printing stays a fixture of day-to-day life. It appears probably – within the foreseeable future at the very least – that there’ll at all times be some enterprise requirement for exhausting copy and scanned paperwork, making multi-function printers (MFPs) important to most organisations.
However though the environmental ramifications of printing are well-defined, safety dangers are a part of the dialog far much less typically.
To a point, addressing the difficulty is as easy as making use of the generic good rules of dealing with paperwork in a protected and safe method, resembling ensuring they aren’t not noted for anybody to see after being printed, for instance.
Nevertheless, as a result of printers are basically a collection of IT belongings linked to the company community – with huge quantities of typically delicate knowledge passing by way of them – they should be considered one other weak end-point within the IT infrastructure. And this vulnerability is exacerbated by the plug-and-play nature of many MFPs, which means they require little or no arrange and could be inserted wherever on the community. On the bodily aspect, they’re often in simply accessible places within the enterprise, with apparent implications.
Minimising the dangers posed by printers to acceptable ranges requires an organisation to plan a method revolving round course of, know-how and other people.
Overview course of
Step one is to totally assess the enterprise requirement. Why do individuals must print paperwork? Which of them do they should print? What dangers does this expose the organisation to?
This understanding permits the totally different situations which might be more likely to happen to be developed and, subsequently, a course of constructed to safe the print lifecycle of the doc.
Cyber safety and bodily or company safety groups might want to come collectively to make sure all the pieces is taken into account and that each entities have the power and functionality to help and audit the processes which might be developed.
When digital info strikes to the bodily area, lack of readability about who’s accountable for any points that come up may end up in conflicting guidelines from every workforce – and, finally, practices that don’t match the organisation’s threat urge for food.
In addition to mirroring the chance urge for food of the enterprise, the method degree ought to think about that introducing too many controls may finally compromise operations by making them overly onerous.
Tackling the tech
Like some other endpoint on the community, printers should be configured and secured accurately if persons are to have the know-how they should do their job with out incurring threat. As with the method stage, the precise actions taken will depend upon the chance urge for food of the enterprise, however the next safety controls must be excessive on the consideration checklist:
- Log every printer within the asset register and Configuration Management Database (CMDB).
- Embrace printers within the patching and vulnerability administration course of.
- Use endpoint detect and response instruments to observe printers and fold them into the general monitoring functionality in order that indicators of compromise (IoCs) are flagged and related knowledge is reviewed by analysts to find out the implications on the broader company community. Encrypt print and scan jobs as they transfer throughout the community and are at relaxation on the printer itself, with the extent of encryption decided by the classification of the info being transmitted.
- Make use of uniform guidelines throughout all IT belongings; if USB units can’t be plugged into different endpoint units for instance, this additionally applies to printers.
- Use one printer kind and mannequin all through the organisation to permit a safety hardening customary to be set.
- Make the bodily safety of every printer applicable to its location and who makes use of it.
- Limit using non-standard printers; solely HR ought to have the ability to print pay cheques for instance, whereas printers loaded with firm letterhead paper must be accessible to managers and no-one else.
- Place all print units on a devoted virtual LAN (VLAN) to make sure they’re hardwired into the community; print knowledge is saved separate from private and non-private web site visitors, and solely units with entry to the particular VLAN can use the printers.
- Have clear processes (and tools) for exhausting copy doc disposal.
- Tie printing actions to doc properties; these labeled as confidential or above, for instance, can’t be printed.
- Undertake FollowMe printing, which permits for a shared print queue the place particular person jobs can solely be accessed and launched by way of consumer authentication with a token or passcode (or each if two-factor authentication is required). Tech will help customers assist themselves (and finally the safety of the organisation).
- Disable the MFP performance and companies that aren’t required. The fax functionality could also be utilized in one web site, for instance, however be redundant elsewhere within the enterprise, whereas not each printer will want an online interface or wi-fi connection (specifically, wi-fi connections that permit anyone to attach and print must be put below the highlight).
- Embrace scanned paperwork, which might include delicate personally identifiable info (PII) resembling passport particulars, within the doc dealing with course of. Pointers must cowl the place these are saved, who has entry to them and whether or not they should be encrypted if emailed.
As with most components of cyber safety, a well-trained workforce and a constructive security culture can restrict a lot of an organisation’s publicity to printer-related threat.
By way of schooling, processes should be defined and understood all through the organisation; they need to even be bolstered over time to verify that consumer recall is correct and that essentially the most up-to-date variations of the processes are being adopted.
A lot of that is easy, resembling instructing individuals to deal with printouts accurately and why that is vital – whether or not that’s ensuring they’ve collected paperwork from the printer, or having a confidential waste bin/shredder close to the printer and educating individuals to make use of it. Equally, if passwords are used to guard labeled paperwork from printing whereas unattended, the passwords should be sturdy.
Over the long term, it’s essential to develop a tradition through which everybody embodies good safety behaviours, following safety processes somewhat than circumventing them, and reporting any lapses in course of as quickly as recognized so investigation and remediation can happen.
Constructive reinforcement is a useful approach; it ought to encourage individuals to maneuver away from the oft-held view that safety is an impediment to doing their job, and focus as a substitute on understanding the significance of their position in good safety operations. Actual-life tales of the implications ought to the processes fail or not be adopted could be helpful, so long as they’re related and lifelike so they aren’t seen as scaremongering.
The post-pandemic workplace
The Covid-19 climate has posed questions that straddle all three elements of the process, technology and people triangle. How can employers present their groups with the method and know-how to print securely at house, in addition to guarantee customers are following required safety behaviours (ensuring confidential materials printed at house isn’t used inadvertently by different members of the family, for instance)?
Can workers connect with native printers that they’ve bought themselves, a transfer which will open the company community to huge quantities of additional threat? Can individuals destroy paperwork utilizing house shredders?
Even when print safety methods are in place, many have been developed pre-pandemic and are subsequently ripe for overview. These questions, together with numerous different elements are helpful to think about, notably in view of workplaces being probably modified perpetually, because the variety of individuals working from house at the very least a part of the time appears more likely to stay important.
Printer safety could not initially cross many peoples’ minds, however it’s a key ingredient in processing knowledge and so must be handled with the identical care and a focus given to different IT belongings.