Just because a business is small doesn’t mean it is immune to security threats and the impact of stolen data—SMBs often face the same security risks as their enterprise counterparts. Indeed, SMBs are increasingly part of an electronically integrated ‘value chain’ which includes their suppliers, customers and partners, many of which are larger organisations that demand SMBs exhibit the same level of information security as they have. When it comes to running a successful and secure business, size might not matter, but quality and care do.
A costly problem
A recent Ponemon Institute report, The Human Factor in Data Protection, revealed that SMBs are often at greater risk of their employees mishandling data than larger enterprises, and these threats are becoming more prevalent because of the mobility of the workforce and consumerisation of IT. Meanwhile, the Ponemon Institute’s 2011 Cost of Data Breach Study revealed that negligent insiders were the top source of data breaches in 2011. In the UK alone, it is estimated that the average cost per compromised data record lost increased from £47 in 2007 to £79 in 2011.
Clearly, the financial consequences of a data breach are significant. The potential costs are set to become even higher as the European Commission pushes for the powers to fine businesses up to five per cent of their annual turnover for data leaks that can be shown to have been the result of foreseeable negligence.
While SMBs face challenges around data protection and compliance, they also grapple with resource and time constraints. In Quocirca’s SMB survey just 41% of respondents indicated that they are concerned with the security of printed documents. This means that the majority of SMBs mistakenly assume that printers or MFPs do not need protection and so overlook the importance of print security. This complacency is misplaced.
A real threat
Networked printers and MFPs are complex devices with integrated sophisticated document processing capabilities that allow users to print, copy and scan to network destinations, send email attachments and handle incoming and outgoing fax transmissions, often directly from a PC.
With built-in hard disk drives and memory, these devices have many of the characteristics and security vulnerabilities of any other networked device. Given that employees are often behind many data compromises, along with the fact that SMBs are processing more valuable information than ever before, it becomes increasingly vital that information processed by print devices is protected.
A common problem
Printed output is one of the least secure mediums, and data breaches through printed output are all too commonplace. In December 2011, a UK county council was fined £130,000 for mistakenly sending out personal information to the wrong recipient after an employee inadvertently picked up the wrong report from a shared printer. This is not an isolated incident—Quocirca’s 2011 Enterprise Print Security study revealed that 70% of organisations have experienced one or more accidental breaches through printed output, with 46% indicating malicious data breaches.
Avoiding print security breaches
Fortunately there are a range of tools available to SMBs to mitigate these risks. Print management tools, such as Brother’s b-guard, can help SMBs reduce printing costs, ensure document security and promote sustainable printing practices. Such tools should offer the following key features:
- Pull printing. This only releases documents to authorised users, ensuring that documents are not left unclaimed in output trays. Print jobs are sent to a print server and jobs are only released upon authentication. Users can authenticate at the printer/MFP using a pin code (entered on the MFP panel) or by using a smartcard or other separate security token device. This promotes user mobility, as users can collect jobs at any printer and also frees time waiting for a printer that is busy. By processing print in this way, pull printing eliminates the problem of unclaimed print jobs. It also reduces toner usage and paper costs through negating the need for users to repeat print jobs when they cannot find their original output.
- Unclaimed print jobs deletion. Print jobs are given an expiration date after which they are deleted if not printed.
- Cost recovery. For legal, educational and other organisations using chargeback mechanisms, a print management tool can allocate print and copy costs to departments or cost centres, as required.
- Usage limitations. This allows administrators to control and track output at the device. With usage limitations, administrators can limit the number of copies or prints available at an account or a department level.
- Audit logs and reporting. Print, copy, fax and scan jobs can be tracked with detailed information including user, date, time, number of pages, type of paper and type of job. This enables administrators to monitor activity and control print usage and associated costs.
- Mobile printing. Some print management tools now support printing from mobile devices such as smartphones and tablets. This is typically through allowing the user to submit a document by emailing it to a pre-configured email address. The user then collects their print jobs in the same way, using an authentication method described above.
SMBs often fall prey to the same security threats as enterprises, but the repercussions are typically far worse and include decreased productivity, compliance issues, lost sales and even loss of reputation. SMBs remain reliant on printing, so they must take steps to safeguard the valuable data that is printed, copied, scanned, faxed and emailed on a daily basis.
Print management tools provide a proven route to achieve this level of security, while also promoting internal print efficiency best practice.
Read more at http://www.quocirca.com/reports/743/effective-print-security-for-smbs