The security problem, says the Quocirca report, is that the devices - operating as sophisticated document processing hubs – have the ability to print, copy, scan to network destinations and send email attachments. Coupled with the fact that they come equipped with their own hard disk drives and often run internal web servers, they now pose a potential, but largely ignored, security threat.
The report – authored by Louella Fernandes and Clive Longbottom – notes that, whilst MFPs and printers have improved business productivity, they pose the same security risk as any networked device if left unprotected.
“With reported data breaches on the rise and growing industry and regulatory requirements around information security, businesses may suffer financial and reputational damage if they ignore the risks of unsecured printing”, says the report.
“Left unsecured, MFPs can pose a real security risk due to a number of vulnerability points. Not only do they store copies of thousands of possibly sensitive documents on their hard disks, but MFPs can be vulnerable to internal and external network attacks. What’s more, their advanced features make it easy for sensitive information to be copied and distributed beyond the boundaries of the enterprise”, adds the report.
Quocirca's analysis goes on to say that, with more businesses operating a shared print environment using centralized MFPs, the potential for information falling into the wrong hands is high – whether accidentally or intentionally.
The report concludes that an organization’s information security strategy can only be as strong as its weakest link and given the continued reliance on printing amongst many businesses, print security is no longer something they can choose to ignore.
Print security, notes the analysis, demands a comprehensive approach that includes education, policy, and technology.
“As shared printing environments become more common as a result of device consolidation, the risk of documents falling into the wrong hands is heightened. Market complexity means that organizations should adopt a multi-layered approach depending on their security requirements. A print security strategy must control access to MFPs, secure data that resides on the MFP and whilst in transmission, and must provide monitoring and auditing capabilities to track usage by device and user”, says the report.
“In today’s compliance driven environment where the cost of a single data breach can run into millions, organizations must pro-actively embrace this challenge. In doing so, organizations will reap the benefits of stronger compliance with regulatory policies and greater protection for valuable intellectual assets”, it adds.