For all of the discussions and good intentions of the paperless workplace, printing stays a fixture of day-to-day life. It appears probably – within the foreseeable future a minimum of – that there’ll at all times be some enterprise requirement for exhausting copy and scanned paperwork, making multi-function printers (MFPs) important to most organisations.
However though the environmental ramifications of printing are well-defined, safety dangers are a part of the dialog far much less usually.
To a point, addressing the difficulty is as simple as making use of the generic good rules of dealing with paperwork in a protected and safe method, equivalent to ensuring they aren’t not noted for anybody to see after being printed, for instance.
Nevertheless, as a result of printers are basically a sequence of IT property related to the company community – with huge quantities of usually delicate information passing by them – they should be thought to be one other weak end-point within the IT infrastructure. And this vulnerability is exacerbated by the plug-and-play nature of many MFPs, which means they require little or no arrange and will be inserted wherever on the community. On the bodily aspect, they’re often in simply accessible areas within the enterprise, with apparent implications.
Minimising the dangers posed by printers to acceptable ranges requires an organisation to plan a technique revolving round course of, know-how and other people.
Evaluation course of
Step one is to totally assess the enterprise requirement. Why do folks have to print paperwork? Which of them do they should print? What dangers does this expose the organisation to?
This understanding permits the completely different eventualities which might be more likely to happen to be developed and, subsequently, a course of constructed to safe the print lifecycle of the doc.
Cyber safety and bodily or company safety groups might want to come collectively to make sure every part is taken into account and that each entities have the power and functionality to assist and audit the processes which might be developed.
When digital info strikes to the bodily area, lack of readability about who’s accountable for any points that come up can lead to conflicting guidelines from every workforce – and, finally, practices that don’t match the organisation’s threat urge for food.
In addition to mirroring the chance urge for food of the enterprise, the method stage ought to take into account that introducing too many controls may finally compromise operations by making them overly onerous.
Tackling the tech
Like some other endpoint on the community, printers should be configured and secured accurately if persons are to have the know-how they should do their job with out incurring threat. As with the method stage, the precise actions taken will depend upon the chance urge for food of the enterprise, however the next safety controls must be excessive on the consideration listing:
- Log every printer within the asset register and Configuration Management Database (CMDB).
- Embrace printers within the patching and vulnerability administration course of.
- Use endpoint detect and response instruments to observe printers and fold them into the general monitoring functionality in order that indicators of compromise (IoCs) are flagged and related information is reviewed by analysts to find out the implications on the broader company community. Encrypt print and scan jobs as they transfer throughout the community and are at relaxation on the printer itself, with the extent of encryption decided by the classification of the information being transmitted.
- Make use of uniform guidelines throughout all IT property; if USB gadgets can’t be plugged into different endpoint gadgets for instance, this additionally applies to printers.
- Use one printer kind and mannequin all through the organisation to permit a safety hardening customary to be set.
- Make the bodily safety of every printer applicable to its location and who makes use of it.
- Limit using non-standard printers; solely HR ought to be capable of print pay cheques for instance, whereas printers loaded with firm letterhead paper must be accessible to managers and no-one else.
- Place all print gadgets on a devoted virtual LAN (VLAN) to make sure they’re hardwired into the community; print information is saved separate from private and non-private web site visitors, and solely gadgets with entry to the particular VLAN can use the printers.
- Have clear processes (and gear) for exhausting copy doc disposal.
- Tie printing actions to doc properties; these categorised as confidential or above, for instance, can’t be printed.
- Undertake FollowMe printing, which permits for a shared print queue the place particular person jobs can solely be accessed and launched by person authentication with a token or passcode (or each if two-factor authentication is required). Tech can assist customers assist themselves (and finally the safety of the organisation).
- Disable the MFP performance and providers that aren’t required. The fax functionality could also be utilized in one website, for instance, however be redundant elsewhere within the enterprise, whereas not each printer will want an online interface or wi-fi connection (particularly, wi-fi connections that permit anyone to attach and print must be put beneath the highlight).
- Embrace scanned paperwork, which may include delicate personally identifiable info (PII) equivalent to passport particulars, within the doc dealing with course of. Tips have to cowl the place these are saved, who has entry to them and whether or not they should be encrypted if emailed.
As with most components of cyber safety, a well-trained workforce and a constructive security culture can restrict a lot of an organisation’s publicity to printer-related threat.
When it comes to training, processes should be defined and understood all through the organisation; they need to even be bolstered over time to test that person recall is correct and that probably the most up-to-date variations of the processes are being adopted.
A lot of that is simple, equivalent to educating folks to deal with printouts accurately and why that is essential – whether or not that’s ensuring they’ve collected paperwork from the printer, or having a confidential waste bin/shredder close to the printer and educating folks to make use of it. Equally, if passwords are used to guard categorised paperwork from printing whereas unattended, the passwords should be sturdy.
Over the long term, it’s essential to develop a tradition wherein everybody embodies good safety behaviours, following safety processes relatively than circumventing them, and reporting any lapses in course of as quickly as recognized so investigation and remediation can happen.
Constructive reinforcement is a useful method; it ought to encourage folks to maneuver away from the oft-held view that safety is an impediment to doing their job, and focus as a substitute on understanding the significance of their position in good safety operations. Actual-life tales of the implications ought to the processes fail or not be adopted will be helpful, so long as they’re related and sensible so they aren’t seen as scaremongering.
The post-pandemic workplace
The Covid-19 climate has posed questions that straddle all three elements of the process, technology and people triangle. How can employers present their groups with the method and know-how to print securely at dwelling, in addition to guarantee customers are following required safety behaviours (ensuring confidential materials printed at dwelling isn’t used inadvertently by different members of the family, for instance)?
Can employees hook up with native printers that they’ve bought themselves, a transfer which will open the company community to huge quantities of additional threat? Can folks destroy paperwork utilizing dwelling shredders?
Even when print safety methods are in place, many had been developed pre-pandemic and are subsequently ripe for evaluate. These questions, together with varied different elements are helpful to think about, significantly in view of workplaces being doubtlessly modified without end, because the variety of folks working from dwelling a minimum of a part of the time appears more likely to stay important.
Printer safety might not initially cross many peoples’ minds, however it’s a key component in processing information and so must be handled with the identical care and a focus given to different IT property.