Arron Fu, VP of Software Development at UniPrint, looks at the security weaknesses in enterprise printing environments and explores the role that technology is playing in safeguarding the printing landscape.
Just as email was 20 years ago, corporate printing environments today are, typically, uncontrolled and unmonitored. Extremely sensitive data is encrypted, safeguarded and highly prized as an asset. For most firms however, this is where the security ends. As soon as a document is sent to a printer, security is often overlooked.
Printing is a fundamental business requirement. With the proliferation of cloud computing and increasingly mobile workforces, more and more organisations are recognising the need to enable employees to print without compromising data security.
In the case of email, organisations quickly realised that to leave it unchecked would represent a huge security threat. And so it is with printing; businesses are recognising that continuing to leave printing unmonitored and solely in the hands of employees is not acceptable.
The printing problem
One critical security issue centres on the user’s ability to print confidential documents to shared environments. Within an enterprise network, access to certain documents is restricted and limited only to those who are assigned the right to access. Certain members of the HR department, for example, have access to personnel files and employee information. And despite organisations’ best efforts to go paperless, the reality is that hard copies are inevitable.
The problem becomes who can actually collect the confidential documents when they are printed. Concerns of this nature are not necessarily borne out of a fear of malign or mistrust. However, the simple mistake of collecting an extra sheet of paper from a shared printer can lead to anything from an embarrassing situation to a serious security breach. More deliberate and malicious attacks are also possible as long as documents are printed in a public forum.
Both internal employees and external third parties represent a threat to unsecure printing environments. With users able to send print commands from different rooms, floors and even buildings without needing to be present at the printer, documents can be left unattended for hours. On any given day, a number of visitors and guests to the organisation come and go, each with the opportunity to collect these printed documents from unmanned printers.
The quick fix?
Traditionally, when employees have raised concerns over print document security, organisations have implemented quick fixes and ad hoc solutions. They give the concerned user their own individual printer, position it on their desk and install the necessary driver locally.
This is fallacious for two reasons. First, from a long term cost perspective, this is not a cheap option. Yes, there is minimal outlay initially; printers after all, can be picked up for next to nothing these days. But the long term costs will add up. Think of the ink, toner, maintenance, repairs: every piece of hardware has an ongoing cost. When multiple departments flag the same concern, a one-time solution becomes a company-wide initiative. Quickly, the simple fix spirals into an ongoing solution of every user’s printing situation. Given the low cost of the purchase, often no authorization will be required, making it difficult to keep tabs on these increasing costs.
But an escalating printer fleet size has more than just price consequences. IT helpdesk calls will increase when individuals cannot print to their local personal printers. Every new printer requires the installation, administration and upkeep of a separate printer driver. Very quickly, the easy way out has become a cumbersome and complex IT management task. Consequently, excessive printer drivers will invariably slow down the wider network performance.
Printing smart and secure
So, with no simple solution available, how can organisations address the issue of printing security without the escalating cost and administrative issues that come with managing a large printer fleet? An emerging printing trend adopts the way in which traditional computing has developed security measures or even the way you safeguard your bank account. What companies need to do is to ensure that the user is the sole person able to pull or release the printed document at the shared printer. Simply, the printed document will not be released until the user is present at the printer and wanting it—after all, you wouldn’t want an ATM dispensing your money without you being there to collect it!
Help is at hand. Technologies including PIN, smartcard and radio frequency identification (RFID) enable single or multiple factor authentication to create a highly secure printing landscape. Any card, be it a credit, debit or access card can be converted into a smart printing card which, when swiped on location, will release pending documents for that user. Similarly, entering a unique and secret PIN number will tell the printer that the authorised user is present and waiting to collect his or her print job.
Perhaps one of the biggest benefits of these technologies is that they are not new to the average user. For years, people having been using bank cards and PIN numbers to access ATMs and smartcards to gain entry to buildings. By introducing this tried and tested technology into the printing environment, organisations can ensure that printing is no longer the weak link in their security chain, in a simple and cost effective way. The key is rightsizing. It is essential, however, to address the security in some way shape or form.
Printing security should be a prominent part of any security strategy. It should be squarely on the CSO’s, CTO’s and even the CIO’s agenda. The simple fact is that left unchecked, unmonitored and unsecured, printing represents a very real and major security threat. The good news is that technology is on hand to safeguard these environments ensuring that sensitive information is as secure on paper as it is in soft form.
Arron Fu is the vice president of Software Developmentat UniPrint, a division of GFI Business Solutions Inc. Arron oversees the operation of UniPrint, and also presides over its software development function. http://www.uniprint.net/
