It seems all we see in the news anymore is another article about ransomware, and it certainly has gripped the popular (and fearful) imagination. I know a couple of people who have fallen victim to it and you probably do too. But I know a TON more people who have stories to share about data breaches and leaks from “the inside.” In most cases they know the secrets left the office but they have no idea how or when. Unlike ransomware, these threats to data security exist under our noses every day and most people don’t even know that it’s happening.
Here are the 3 ways your corporate secrets could be at risk today (2 of which have nothing to do with ransomware!), and just as importantly, advice on how to stop the threats.
Abandoned Documents: Before you read any further, get up and go for a walk around your office. I want you to look on cabinets, in printer trays, the break room, and in other areas for piles of abandoned documents that are just lying around. I’ll wait…okay, you back? Were you surprised at the number of printed documents just lying around? I’ll bet you were. The question is, what would stop a disgruntled employee or visitor from grabbing some of those documents and simply putting them in their bag and walking out the door?
You’re not alone. I’ve done hundreds of managed print assessments and most offices I’ve been to have abandoned or neglected documents lying around. Most people don’t mean to do this. A person sends a print job, they get a phone call and get distracted, and they forget they printed it in the first place. Sometimes people send print jobs only to realize they wanted to send it to a different device for quality purposes.
The wrong fix: I’ve seen printed reminders thumbtacked on walls near devices saying “Please don’t leave documents lying around”, and I’ve seen others periodically send emails saying the same thing. These can have some moderate effect for a short time, but unfortunately, human behavior being what it is, people revert to their old ways.
The right fix: Contact your managed print provider and ask about “Secure Release” and “Embedded” options. This document security option will ensure that documents never print until the user authenticates at the device itself. So, they could send a print job, never go to pick it up, and it will never be printed. Or, they could print a document, authenticate at the printer 3 hours later and have the page print then. This will ensure sensitive documents aren’t left lying around and will also save you a ton of money from wasted documents that don’t really need to be printed!
Untracked Copying: Most modern offices have a few copiers or MFPs. Some larger organizations have hundreds of them. How do you know who makes copies at a device? If you haven’t already addressed this problem you’ll want to soon. There is nothing stopping anybody from simply walking up to an unsecured MFP or copier and making copies of company secrets without anybody being the wiser.
When I’m doing an assessment I’ll often pick up a document that is sitting in a tray, and make a few copies. I’ll then give those copies to the I.T. manager and ask how he would know that I had done so. There’s usually a few seconds of silence and blinking eyes. Once we move past that it becomes clear that there’s a security hole that nobody had ever thought about.
The wrong fix: Some MFPs will allow configuration for authentication through Active Directory or PIN code login. The problem with this method is twofold. First, each manufacturer brand must be configured individually, which is extremely time consuming and often not considered. Second, the data is often stored on the hard drive of the device, and running regular reports on user copying is next to impossible.
The right fix: Installing an embedded solution which works across multiple brands and using an HID card to authenticate! Good vendor-agnostic embedded solutions store user copying metadata in a central database for easy generation of reports and alerts from all devices used in the office. Having people authenticate isn’t enough: You must ensure that it’s easy to run reports on all office copying to proactively control rogue behavior or to gather information should an audit be required.
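To make the reporting point concrete, here is an added example (not code from any vendor's product) of the kind of report and alert a central copy log makes possible. The record fields, device names, thresholds and sample rows are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample rows, as a central audit database might hold them.
# Field names and values are illustrative, not any vendor's schema.
JOBS = [
    {"time": "2024-03-04T09:12:00", "device": "mfp-2f-east", "user": "asmith", "pages": 4},
    {"time": "2024-03-04T10:40:00", "device": "mfp-3f-west", "user": "asmith", "pages": 6},
    {"time": "2024-03-04T14:05:00", "device": "mfp-2f-east", "user": "bjones", "pages": 180},
    {"time": "2024-03-04T22:31:00", "device": "mfp-1f-lobby", "user": "cdoe", "pages": 35},
    {"time": "2024-03-04T11:02:00", "device": "copier-legacy", "user": None, "pages": 12},
    {"time": "2024-03-05T09:30:00", "device": "mfp-3f-west", "user": "bjones", "pages": 90},
    {"time": "2024-03-05T15:10:00", "device": "mfp-1f-lobby", "user": "bjones", "pages": 70},
]

def daily_pages(jobs):
    """Pages copied per (user, date), summed across every device."""
    totals = defaultdict(int)
    for job in jobs:
        if job["user"] is not None:
            day = datetime.fromisoformat(job["time"]).date().isoformat()
            totals[(job["user"], day)] += job["pages"]
    return dict(totals)

def alerts(jobs, daily_limit=150, open_hour=7, close_hour=19):
    """Return sorted (rule, subject, detail) tuples for review."""
    found = []
    for job in jobs:
        hour = datetime.fromisoformat(job["time"]).hour
        if job["user"] is None:
            # A job with no identity means a device is still unsecured.
            found.append(("unauthenticated", job["device"], job["time"]))
        elif not open_hour <= hour < close_hour:
            found.append(("after_hours", job["user"], job["time"]))
    # Volume is checked on the cross-device total, not per device.
    for (user, day), pages in daily_pages(jobs).items():
        if pages > daily_limit:
            found.append(("volume", user, f"{day}: {pages} pages"))
    return sorted(found)

if __name__ == "__main__":
    for rule, subject, detail in alerts(JOBS):
        print(f"{rule:16} {subject:14} {detail}")
```

Note the second volume alert: 90 pages on one device and 70 on another only cross the limit when the totals are combined, which is exactly what per-device hard drive logs cannot show.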
Local Document Storage: If your organization doesn’t have a comprehensive document management solution you may have hundreds or thousands of copies of your corporate secrets spread out across hundreds of hard drives. Nothing stops people from copying files onto portable media like thumb drives and walking out the door without anybody being able to track the behavior. To double the risk, unsecured MFPs and copiers also store documents on their hard drives and people can copy those digital files as well!
And this is where ransomware can really put you at risk: Locally stored files without regular and consistent offsite backups are at risk. Most people that click on an email and download ransomware have no idea they’ve done it, and the bad news is that ransomware strategies are getting more sophisticated and tricky.
The wrong fix: Asking employees to do their own backups. Most people will go weeks or months without doing it, and in that time they generate a ton of valuable data which could be at risk. The other poor option is letting people use their personal cloud services as a document repository because you don’t have any control over that.
The right fix: A good cloud-based document management repository like that offered by NeoStream. For document security it ensures that every action related to that document is tracked and accounted for. Properly configured, it makes it impossible for users to share or download documents, and if they do have access to the documents, a complete audit trail of their activities is created. When it comes to protection against ransomware, because there is no shared drive connected to the user’s desktop or laptop, the malware doesn’t have a path to access the files to encrypt them. Talk to your document management provider about how they can help.
I know we can all agree that document security is critical for every organization. It is my hope that this blog has given you some good ways to ensure you’re doing the best you can to limit the risk. Data security threats are changing all the time and it’s up to all of us to ensure that we review our best practices and solutions for protection on a regular basis.
Now it’s your turn! Do you have some additional tips for data protection? Are there other threats to data security that weren’t covered in this article? Your experience and voice matter, so please leave your comments and join the conversation!