Document security: An imperative in the IoT era 

The far-reaching financial, legal and repetitional implications of a data loss mean that information security is a business imperative. Safeguarding the ever-increasing volumes of valuable corporate data against unauthorised access has become integral to maintaining business operations and adhering to increasingly vigorous data privacy compliance requirements.

For many organisations, their cyber-attack surface area is increasing as connected Internet of Things (IoT) endpoints proliferate. These include both legacy and the new breed of smart printers and multifunction printers (MFPs). Consequently, businesses must take a proactive approach to print security as these print devices can provide an open door to corporate networks. By taking steps to analyse the potential vulnerabilities of print environments, businesses can mitigate risks without compromising productivity.

 

The evolving IoT security threat

 

October 2016 saw one of the worst distributed denial-of-service (DDoS) attacks in history, when a strike on DNS provider Dyn took a major part of the internet’s DNS infrastructure offline – including Amazon, Twitter, Spotify, Netflix and Reddit. This attack is representative of the increasing complexity of the data security threat, and the rising number of high-profile breaches that are affecting hundreds of millions of users worldwide. Its nature also signals the evolving shape of the threat: the attackers targeted the rapidly growing network of connected devices known as the Internet of Things (IoT).

The number of IoT devices – think vending machines, thermostats, video cameras and networked printers – is estimated to reach anywhere between 20 and 50 billion by 2020. These devices are smart and connected, but they are also vulnerable. IoT devices can be remotely managed, and are able to generate, store and retrieve a wealth of data as well as initiate service or maintenance requests. For hackers and malware looking for a way into a corporate network, unsecured IoT deployments provide the perfect entry point.

 

The true impact of a data breach

 

The consequences of any networked device being compromised are far reaching, whether the outcome is downtime or data loss. A data breach can leave a company open to huge fines and legal penalties and damage its reputation and customer confidence. According to PwC1 90% of large and 74% of small UK organisations reported suffering a data breach in 2015, while a 2016 study from the Ponemon Institute2 reveals the average total cost of a breach to be $3 million, with the average cost per stolen record $158.

In Europe, the penalties for a data breach will become even higher when the new General Data Protection Regulation (GDPR) comes into force in 2018. Companies that handle EU citizens’ data will have new obligations in a number of areas – including data subject consent, data anonymisation and breach notification – requiring major operational reform. Regulators will be authorised to issue penalties equal to €10m or 2% of a business’s global gross revenue, whichever is greater, for breaches. The UK will be required to comply with the GDPR, whatever the agreed terms of its exit from the EU, as member countries will remain key trading partners.

Implementing strategies to ensure that data on endpoints is protected from theft, loss, digital intrusion or prying eyes is therefore critical to any organisation.

 

Protecting the weakest link: the multifunction printer (MFP)

 

With its advanced connectivity and capacity to store large volumes of data, the multifunction printer (MFP) has long been a ‘weak link’ in the IT infrastructure – one that businesses can no longer afford to be complacent about.

The MFP has brought increased convenience and improved productivity to the office environment. A smart, sophisticated device which runs its own software and services, it has evolved to become an integral document processing hub capable of handling print, copy, fax, scan and email. However, its ability to monitor usage and collect data, as well as network connectivity only increases the potential for exploitation by hackers.

With MFPs often situated in easily accessible locations, if the proper controls are not in place it is all too easy for unauthorised users to get their hands on confidential or sensitive information left in output trays – either intentionally or by accident. In a recent survey by Quocirca, 61% of large enterprises admitted suffering at least one data breach through insecure printing.

This security gap must be closed. Organisations need to take steps to include effective print security as part of their overall information security strategy. This should encompass a full evaluation of security risks associated with the existing print infrastructure at a hardware, user and document level, the implementation of the technology, and user engagement.

 

Print security vulnerabilities

 

Despite the move to digital communications, many businesses still rely on printing to support key business processes. MFPs are prevalent across businesses of all sizes and as such they are a critical network endpoint that must also be secured. Even behind a firewall, an MFP can be a front door to the network leading to the potential for compromising corporate or customer data.

 

The potential risks are illustrated in Figure 1. These include:

  • Unclaimed output. Confidential or sensitive information can be collected inadvertently or intentionally by an unauthorised recipient.
  • Latent images on hard disk. All documents whether they are printed, copied, scanned, faxed or stored are processed within the hard disk drive. This can present a risk not only if the device is hacked, but also at the end of life when potential hard disk data could be recovered.
  • Unauthorised access to MFP functions. If MFP settings and controls are not secure, it is possible to alter and reroute print jobs, open saved copies of documents, or reset the printer to its factory defaults. Potential hackers could also attack print devices to either intercept or download copies of scanned-in documents, emails and user access credentials.
  • Network security risk. Jobs sent to the MFP for printing typically sit unprotected on the server queue. At this stage, the printing queue can be paused and files copied and the queue restarted. In the worst case, a user from the outside can obtain confidential information, or place malware on the device. Open network ports also present a security risk enabling the MFP to be hacked remotely via an internet connection. Printers can therefore be prime targets of denial-of-service (DoS) attacks. Further, if data transmitted to a printer is unencrypted, hackers are potentially able to access this data.

 

The prevalence of a print data loss

 

Data loss through printing is prevalent, even amongst organisations that operate a managed print service. Overall 61% reported at least one data loss in the past year, 51% in organisations with more than 3,000 employees and 68% in organisations with 1,000 – 3,000 employees. For those organisations not using an MDS it is likely that the proportion of breaches is even higher (Figure 4). In fact, in many cases organisations may not be aware of all data loss incidents, meaning that potential data loss could be even higher than what is reported.

Figure 2. Data loss by organisation size (organisations using a managed print service)

Those organisations that are operating a centralised model based on shared MFPs are less likely to have experienced data loss – 38% indicated no data losses compared to 18% of those operating a distributed model of workgroup printers (Figure 2).

 

Figure 3. Data loss by print infrastructure model

While 67% of those operating a multivendor fleet reported at least one data loss, this dropped to 41% for those that were operating a standardised fleet (Figure 3).

A standardised environment is always going to be easier to control given that security functionality and tools can be applied consistently to all equipment. And normally, these organisations are further along in their MDS engagements and will have benefited from security assessments. This reflects the benefits – from an IT management and user perspective – of a consistent approach to security that is possible with a single hardware brand.

However, in many organisations, it is typical to find a patchwork of devices from different vendors which in turn require different tools and software platforms. Although a best of breed tool can be used across a mixed fleet to enable secure printing (such as pull printing), there remains a challenge in protecting the vulnerabilities of older or legacy devices which may be more exposed than newer devices with built-in security features against today’s threats.

 

 

Figure 4. Data loss by fleet type

So, what is the nature of the data loss from a print perspective?

Notably although access to the network was a top concern amongst the majority of respondents, these concerns may be unfounded. Only 18% reported that an unsecured MFP has led to unauthorised access to the network. However, almost half reported that network interception, hard disk theft and unauthorised access of unclaimed output were factors (Figure 5).

 

Figure 5. Reasons for data loss

Closing the gap in print security clearly requires a range of measures. Most manufacturers offer a combination of built-in security features – both hardware and proprietary and third-party software tools.

 

Print security best practices

 

Given the multiple points of vulnerability in the print infrastructure, businesses must employ a layered approach to print security. This requires a combination of activating built-in hardware security features, implementing software tools such as pull printing and educating users on responsible and secure printing practices.

MPP recommends that the following measures are taken:

  1. Ensure print devices are part of an overall information security strategy. Printers are no longer dumb peripherals and must be integrated into an organisation’s security policies and procedures.
  2. Adopt a security policy for the entire printer fleet. Ultimately, in the event of a data breach, an organisation must be able to demonstrate that it has taken measures to protect all networked devices. It only takes one rogue or unsecured device to break an organisation’s defences. Many organisations offer a multitude of devices across locations. An organisation should be able to monitor, manage and report on the entire fleet, regardless of model, age or brand.
  3. Secure access to the network. Like other networked devices, MFPs require controls that limit network access, manage the use of network protocols and ports, and prevent potential viruses and malware. Transmitted data should be encrypted.
  4. Secure the device. Activate hard disk encryption and data overwrite functionality. Hard disk encryption adds an additional layer of security securing stored data be it actively in use by the device, sitting idle on a device, and/or used by the device in a previous job. To avoid the risk of data being recovered when the MFP is moved or disposed of, data overwrite kits should be employed to remove all scan, print, copy and fax data stored in the hard disk drive.
  5. Secure access. Implement user authentication to eliminate the risk of unclaimed output being left in printer trays. User authentication, also known as pull printing, ensures documents are only released to the authorised recipient. Authentication through smartcards or biometrics is required before access permission to the printer is given and can be enabled across an enterprise-wide device fleet, a specified printer, or an external authentication server.
  6. Secure the document. In addition to access and device controls, digital rights management capabilities can further discourage unauthorised copying or transmission of sensitive or confidential information. This can be achieved by enabling features such as secure watermarking, digital signatures or PDF encryption. Secure watermarking embeds user-defined text only visible when a document is copied; encrypted PDFs can only be accessed by users with correct passwords; and digital signatures help verify a PDF’s source and authenticity. Some devices also have enhanced features to detect the type of document or even the content and determine if the user has permission to print.
  7. Ongoing monitoring and management. To ensure compliance and to trace unauthorised access, organisations need a centralised and flexible way to monitor usage across all print devices. Auditing tools should therefore be able to track usage at the document and user level. This can be achieved by either using MFP audit log data or third-party tools, which provide a full audit trail that logs the identity of each user, the time of use and details of the specific functions that were performed. Businesses operating a diverse mixed brand fleet should consider vendor-agnostic tools to provide these capabilities. Furthermore, as security threats are constantly evolving, continuous monitoring is essential to establish ongoing governance of the print infrastructure.
  8. Seek expert guidance. Manufacturers and MDS providers continue to develop and enhance their security offerings. Take advantage of security assessment services which evaluate potential vulnerabilities in the print infrastructure.

 

If you’d like a print infrastructure assessment, please enquire with MPP using the form below: