- Growth of 66% CAGR in security incidents (source)
- 19% of US healthcare providers report a security breach in the last year and say that nearly 10% of the time it was from a colleague (source)
- Almost 2/3rds of organizations don’t have a documented IAM (Identity & Access Management) Policy (source)
- Average cost of a data breach increased by 15% in the past year to $3.5 million (source)
- “Employee error” is the most common reason for data breaches (source)
- Nearly 30% of all documents are left/abandoned “at the printer” allowing for internal hard copy threat (source)
Some alarming statistics to be certain. But one area that most people don’t pay attention to is document security from a printing and copying perspective. If documents are left lying around and employees have undocumented access to MFP functions such as copy and email, you could be overlooking one of the most common data leaks in your organization.
There is good news. The technology and know-how exists to ensure that physical document security is airtight. Here are 3 proven tips to ensure airtight security for your copy and print infrastructure:
1. Documented Print and Copy Governance Policies: I’ve conducted Managed Print assessments for nearly a decade and I can say that, invariably, companies don’t usually have Governance policies around print and copy. Considering that office printing is still one of the largest unaccounted annual expenses in corporate America, that really isn’t that surprising. Just because you don’t have one doesn’t mean it’s hard to come up with one, and you’ll be glad you did. Here is a simple example:
“At Company XYZ it is our mission to print and copy both securely and sustainably. The following print and copy policies will ensure we all do our part to that end:
- Email in monochrome only: Color printing is not permitted for email. We also strongly encourage our employees to print emails only when necessary for archiving and similar purposes.
- All print jobs over 5 pages to be done on approved networked printers/MFPs: Single function devices are for print jobs of 1 or 2 pages only.
- Duplex required for all non-presentation printing: If a document is not going to be seen by a customer it is policy that all other documents be duplexed. This will reduce costs and dramatically decrease our carbon footprint.
- Departmental color printing limits: Each department has been given a monthly allowance for total color printing volumes. Should a department need to exceed this amount they will require corporate approval.
- Zero “Abandoned” Documents Tolerance: A Company XYZ member will check printer and MFP trays and other areas for documents on a daily basis. Safety of our corporate information is paramount and abandoned or unretrieved documents will not be tolerated and could lead to remedial action.
Each department will present quarterly reports to demonstrate that Company XYZ’s print governance policies are being adhered to.”
Once Print Governance Policies have been established they should be shared and discussed with employees on a regular basis to ensure fairness and adherence.
2. Embedded Authentication & Tracking: We live in a world where software has become a vital component of daily life. Even our automobiles use software to control fuel consumption and to provide better overall safety. Most modern MFPs (Multi-function Printers) allow for installation of advanced and agnostic embedded solutions provided by companies like Print Audit to dramatically improve document production security and compliance tracking. Here are some of the key things to look for:
- Secure Authentication: Users will be required to authenticate at the device before print, copy, scan or fax functions can be used. This can be done via secure pin-code entry, Biometric authentication (fingerprint scanning) or HID card swipe.
- Audit Trail Reporting: Receive audit trails for all the documents created at the MFP.
- User Tracking: Track every copy, scan and fax job. For legal departments this can also be done at a client/matter level.
- Declining Balances: Departments and/or Users can be given a strict monthly or quarterly limit to the amount and type of printing they are permitted to do.
Installing embedded solutions is the single best way to dramatically improve overall document production security. A side benefit is a huge reduction in overall printing volumes. When employees realize that their print, copy and scan behavior is being monitored and documented they tend to print a lot less. I’ve seen reductions of 30% or more in total printing volume at customer sites where embedded solutions are deployed.
3. Secure Release Software: It’s not just MFP’s that can benefit from improved authentication and tracking. Document security for printing to networked single-function devices can be dramatically improved by using Secure Releasesoftware. When users want to print a document they simply use their iOS or Android device to approve release of the print job once they are standing in front of it. Some benefits:
- Elimination of abandoned pages: No more sensitive information lying around!
- Improved HIPAA and Sarbanes Oxley compliance: Secure release printing ensures that confidential print jobs stay out of the wrong hands.
By practicing these 3 tips your organization will reduce security risks associated with document output, reduce overall printing costs, and improve corporate sustainability. That is a great amount of benefit for very little effort.
If you would like to learn more about how you can improve document output security, contact Print Audit or message me on LinkedIn. All you have to lose is that sinking feeling of knowing that you could have done more to protect your company’s valuable data.
Here is a light hearted video to help remind you that we could all be doing more to improve document output security. Enjoy!