Quocirca’s Global Print 2025 Print Security Spotlight Report highlights the growing need for businesses to prioritise print security, particularly with GDPR now in force
This latest Spotlight Report which draws on research conducted amongst 575 SMBs and large enterprises across the US and Europe in October and November 2017, examines the trends, challenges and opportunities surrounding print security in the Internet of Things (IoT) era.
The report addresses a number of key issues within the evolving cyber threat environment including: what importance IT decision-makers place on print security; how is the print security attack surface changing; to what extent is print security included in GDPR measures; the key approaches to safeguarding the print environment and how manufacturers and managed print service (MPS) providers can capitalise on emerging opportunities.
Quocirca Research Director Louella Fernandes, warns that IoT security is only as strong as its weakest link. She said: “MFPs are perhaps one of the more sophisticated IoT devices that a business owns, operating as a document processing hub with scan, print, copy and email functionality. Like any other networked device, MFPs are critical endpoints, which must be safeguarded and protected against both internal and external threats.”
A tighter focus on print security A growing threat environment and stricter privacy regulations such as compliance with the General Data Protection Regulation (GDPR) are driving a tighter focus on print security. Enterprises are under pressure to protect their print infrastructure from cyberattack and physical compromise.
Fernandes says that with 64 per cent of the organisations questioned expecting to remain reliant on printing in the workplace, the inherent risks of poor print security cannot be ignored. “Not only can printed documents fall into unauthorised hands without the correct controls, but today’s advanced MFPs are increasingly a target for external hackers using them as a foothold to access corporate networks.
“In today’s growing age of compliance, with GDPR forcing organisations to tackle data privacy issues, they cannot afford to be complacent. Yet fewer than half of those surveyed are currently protecting personally identifiable information (PII) specifically relating to the printing environment.”
It’s been well documented that networked MFPs are critical endpoints in today’s ever-expanding threat landscape. From malicious external cyber-attack to sensitive documents being left on a shared device, these devices have a variety of vulnerabilities but still, securing the print infrastructure remains an area that’s often overlooked in risk management.
Securing the print infrastructure against any potential attacks should be a critical element in any organisation’s compliance programme. The approach is a multi-layered one, organisations need to secure:
The device – typically via SSL secure print and firewalls;
Access to the device, via some form of authentication and authorisation;
Data – via encryption and erasing print job data from the HDD; and
Printed documents – with a secure or pull printing solution.
“There is a tendency to focus on data privacy as if it’s predominantly a digital issue, but there’s a risk that, by focusing on the digital threat organisations overlook the more mundane, but no less potentially damaging risk from poor control of print-reliant processes and working culture,” Fernandes cautioned.
Vendors need to develop offerings
Quocirca’s report also examines the ways print vendors need to develop their offerings to meet the growing security demands of customers.
46% of businesses see the need for security to be built-in to devices by 2025 and the same percentage want to see vendors apply machine learning to printers and MFPs to enable them to identify and recover from security breaches.
Customers will also seek out specialist expertise to oversee print security as part of a continuing shift towards managed services. “This will require both print vendors and current managed service providers to develop greater proficiency and pursue innovation in all aspects of print security in a race to maintain as large a share of print budgets as possible,” Fernandes said.
As the IoT era evolves and the impact of data privacy regulation is felt, Quocirca believes that there will be increasing focus on securing data on endpoints such as MFPs. “The successful vendors will be those who can demonstrate that security expertise is at the heart of their provision and who actively help organisations limit risk and demonstrate compliance,” Fernandes said in conclusion.
Quocirca’s Print 2025 Print Security Spotlight report offers strategic recommendations for enterprises and print manufacturers that will enable them to thrive in the era of GDPR and the Internet of Things.