Print Security, Threats, and Solutions

Transcription

1 Print Security, Threats, and Solutions 1

2 Agenda Threats Printers Print Solutions Printers Print Questions and Answers 2

3 Printer Threats 6 of 10 Companies Have Unsecured Printers. How About Yours? Security threats are evolving every day. Even one security breach has the potential to be costly. If private information is jeopardized due to unsecured printing, the ramifications could include identity theft, stolen competitive information, a tarnished brand image and reputation, and litigation. Plus, regulatory and legal noncompliance can result in heavy costs. 3

4 Printer Threats What are the top printing security concerns? Exposure of data in transit Company s ability to identify a security breach from printers Exposure of documents left in the output tray Unauthorized use of printer features Remote employee s use of home printers Exposure of device network settings or ports Threat of outside malicious access to network through printers 4

5 Printer Threats What are the top printing security concerns? Exposure of data in transit Company s ability to identify a security breach from printers Exposure of documents left in the output tray Unauthorized use of printer features Remote employee s use of home printers Exposure of device network settings or ports Threat of outside malicious access to network through printers 5

6 Printer Threats 6

7 Printer Threats Network printers provide a potential point of access for these complex attacks. A vulnerability in HP LaserJet printers enables a hacker to remotely gain access to sensitive data by connecting to the telnet debug shell. Exploits have been uncovered in HP JetDirect software, used by many printer manufacturers. The firmware of Samsung printers (including some branded as Dell) contains backdoor administrator access. A major threat to organizations today is from Advanced Persistent Threats (APTs). 7

8 Print Threats Print breaches are the hardest to catch because you would need to know everything that is being printed, where it is being printed and by whom. Downloading a database is protected by database security, but printing the records is not. Unless there is security at the door there is nothing to prevent anyone from walking out with a stack of paper containing sensitive or proprietary information. 8

9 Print Threats Print security breaches could be caused by any of the following: Improperly disposed of waste paper. Documents printed to the wrong printer. Unsupervised Guests. Employee action. Common material compromised by a Print security breach: Employee Salary information. Company Customer/Client contact information. User access names and permissions. Confidential company projects. 9

10 Printer Solutions The network printer deserves close attention during a security review. 1. Only allow connections from trusted hosts and networks 2. Ensure that the printer firmware is regularly updated 3. Use digital rights management tools to control access to sensitive documents 4. Change the default printer password. 10

11 Print Solutions Shred all unnecessary documents sending them to the dumpster does not make them secure. Enact policies which insure the safety of confidential material. Use a tool that will tell you exactly which documents are being printed and who is printing them. 11

12 RXforPrint is an advanced user-centric print assessment and print tracking tool for managed print Key Features: Tracks print by user, by device, by department, by time, and by cost Provides print accounting for charge-back, by print job, by user Creates a print audit trail to support document security and compliance Provides reporting to make print assessment easy to implement Key Benefits: Key user-centric print assessment tool to support Managed Print Services Provides a way to manage your customers print fleet Optimizes Print Security Supports green culture RXforPrint is a valuable tool for a Managed Print Services Strategy. It provides the print assessment data we need to manage our customers print fleet efficiently and costeffectively -(MPS dealer) To learn more about RXforPrint and a FREE demo, please contact Jupp@apwi.com

13 Print Audit Trail Printer Location Job Owner Computer Job Name Pages Cost/Page Total Cost Submit Time Color Duplex \\MOSLDMDC02\OnCall ir6575 OnCall Center CCALBREATH OC-CCALBREATH9 Test Page /31/ :24 BW Simplex \\MOSLDMDC02\Admin_Canon_5065 DMX StL Admin 5065 MGRIMES CG5HGQ1 RMA Document xlsx /31/ :31 Color Simplex LSKYLES 2TYQ1R1 Gadwin PrintScreen Image /31/ :37 BW Simplex LSKYLES 2TYQ1R1 Gadwin PrintScreen Image /31/ :38 BW Simplex \\MOSLDMDC02\Admin_Canon_5065 DMX StL Admin 5065 MGRIMES CG5HGQ1 Microsoft Word - fax cover sheet /31/ :39 Color Simplex LSKYLES 2TYQ1R1 Gadwin PrintScreen Image /31/ :39 BW Simplex \\MOSLDMDC02\Admin_Canon_5065 DMX StL Admin 5065 MGRIMES CG5HGQ tif /31/ :39 Color Simplex LSKYLES 2TYQ1R1 Gadwin PrintScreen Image /31/ :40 BW Simplex VKENNY CG5NGQ1 Microsoft Word - Proposal template test /31/ :40 BW Simplex LSKYLES 2TYQ1R1 Gadwin PrintScreen Image /31/ :52 BW Simplex LSKYLES 2TYQ1R1 Gadwin PrintScreen Image /31/ :53 BW Simplex LSKYLES 2TYQ1R1 Microsoft Office Outlook - Memo Style /31/ :55 BW Simplex LSKYLES 2TYQ1R1 0441_001.pdf /31/ :56 BW Simplex VKENNY CG5NGQ /31/ :01 BW Simplex VKENNY CG5NGQ /31/ :04 BW Simplex \\MOSLDMDC02\Admin_Canon_5065 DMX StL Admin 5065 LSKYLES 2TYQ1R1 Invoice.pdf /31/ :10 Color Simplex VKENNY CG5NGQ1 Microsoft Office Outlook - Memo Style /31/ :13 BW Simplex \\MOSLDMDC02\Admin_Canon_5065 DMX StL Admin 5065 RALDRIDGE 2TZV1R1 Microsoft Office Outlook - Memo Style /31/ :15 Color Simplex \\MOSLDMDC02\Admin_Canon_5065 DMX StL Admin 5065 MGRIMES CG5HGQ1 Microsoft Office Outlook - Memo Style /31/ :18 Color Simplex \\MOSLDMDC02\Admin_Canon_5065 DMX StL Admin 5065 MGRIMES CG5HGQ1 PO Form.pdf /31/ :18 Color Simplex VKENNY CG5NGQ1 Microsoft Office Outlook - Memo Style /31/ :36 BW Simplex \\MOSLDMDC02\Admin_Canon_5065 DMX StL Admin 5065 ABRUELL DATAMAX-NEWBUILD rk dixon meter readings.xls -[-EXCEL.EXE-] /31/ :37 Color Simplex \\MOSLDMDC02\Admin_Canon_5065 DMX StL Admin 5065 MGRIMES CG5HGQ1 Microsoft Office Outlook - Memo Style /31/ :43 Color Simplex \\MOSLDMDC02\Admin_Canon_5065 DMX StL Admin 5065 MGRIMES CG5HGQ1 Microsoft Office Outlook - Memo Style /31/ :50 Color Simplex \\MOSLDMDC02\Admin_Canon_5065 DMX StL Admin 5065 LSKYLES 2TYQ1R Calendar 8.5x 11 Paper.pdf /31/ :52 Color Simplex \\MOSLDMDC02\Admin_Canon_5065 DMX StL Admin 5065 ABRUELL DATAMAX-NEWBUILD Microsoft Word - ON-Site Meter Mapping Process.doc -[-WINWORD.EXE-] /31/ :54 Color Simplex VKENNY CG5NGQ1 Microsoft PowerPoint - Proposal template rvsd /31/ :01 BW Simplex User data provides a clearer picture. Showing you not only how much was printed but who did the printing and what they printed. This also captures all print to Non- Connected devices and allows you to bill for those as well. 13

14 Print Solutions HIPAA Compliancy The HIPAA Security Rule establishes national standards to protect individuals electronic personal health information that is created, received, used, or maintained by a covered entity. The Security Rule requires appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity, and security of electronic protected health information. 14

15 Affinity Health Print Solutions HIPAA Compliancy Multiple leased MFPs were returned to the leasing agent without erasing the confidential medical records and data contained on the hard drives The company who later purchased the MFPs discovered the records on the hard drive Affinity estimated that 344,579 individuals may have been affected by the breach Breach resulted in $1.2 million in HIPAA violations Source: 15

16 16

17 Dealer contact: Mary Sumner Sumner Group Inc. Sales Contact John Upp American Printware Inc. Technical contact free download: Bill MacVicar American PrintWare Inc. Contact us: