The U.S. Federal Trade Commission doesn’t mince words when it comes multifunction printers (MFPs): “Digital copiers are computers,” they say, complete with hard drives, embedded firmware, and the ability to communicate with other network systems. Without the proper security measures in place, MFPs present a significant business risk.
Cybersecurity initiatives have traditionally focused on preventing data breaches, which the Ponemon Institute defines as “an event in which an individual’s name plus a medical record, financial record, or debit or credit card information is potentially put at risk,” by securing computer networks and perimeters. However, overlooking or deprioritizing MFPs can be dangerous for several reasons.
MFPs are connected to the corporate network, enabling users to email documents to the MFP for printing or send scanned documents through email. This connection to the network puts MFPs at risk to threats originating on corporate networks and desktops. A huge portion of customer information, including personally identifiable information (PII), continues to be stored in business documents. This means PII is at risk every time electronic files are converted to physical documents through printing, or paper documents are converted to digital versions through scanning.
Documents also present a security risk because paper workflows can be difficult to track and control. Documents filled with sensitive PII can be forgotten or intercepted on printer trays or stored in desktop cabinets and files, beyond the jurisdiction of electronic documents’ retention rules. MFPs, therefore, must be a focal point for securing paper-based data and ensuring a higher level of information security. Trying to get a handle on paper can seem like an enormous task, nebulous task, yet there are relatively simple procedural safeguards that can enable greater control.
User authentication at the device level
Any action sent to or taken from an MFP should require user authentication. Authentication enables the auditing, reporting and tracking of user activity as well as various other security features. Anonymous MFP use is unsecure. In addition, to avoid exposing documents with PII when printed, secure printing requires that users authenticate at the device before documents are released. The device must print only those documents that are associated with the authenticated user, and the print job must not be stored on the device prior to printing.
User-based access control
Restricted permissions limit MFP access to authenticated users and only allow them to perform previously approved tasks. This is crucial from a central security management perspective by enabling the MFP to restrict document printing and scanning based on group membership.
File destination control
Limit file destinations, for example fax numbers, email domains, network folders, and case management systems. For example, a government agency may allow documents scanned on the MFP to only be sent to .gov email addresses. In the example of faxing, lack of control can mean sensitive PII traveling over unsecured lines, so organizations should consider eliminating direct analog faxing by adopting a centralized fax server, or setting up “white lists” for commonly used fax addresses.
Encrypt data going to/from MFPs
Ensure all information is encrypted when sent from a device to a target location such as a fax, email or network server, or document or content management system. Modern MFPs often contain hard drives which are used to cache scanned document images and printed documents. As a result, all non-volatile memory media used to cache data on the device should employ a method of data erasure to ensure sensitive data is never stored on the MFP.
Complete audit trail
Track and log detailed information about every transaction that flows through your system. Auditing allows the MFP to store tracking information in a database. In the event of a data breach, this capability will allow you to easily track which device was the source of the breach, who the authenticated user was and where the data was sent.
When it comes to information security, physical paper is often treated as a second-class citizen, but this is no longer acceptable. Organizations may feel helpless in trying to get paper under control, especially given its immunity to deletion protocols and its natural ability to “live forever.” But there are simple steps to help shore up processes that can be implemented at the MFP level. When combined with greater network cyber security protections, the result is a more comprehensive, balanced information security outcome.