Reducing Risk in the Document Domain

Carro Ford, Xerox Corp.

The boundaries between digital and printed documents have all but disappeared. Sometimes business information starts as hardcopy, then gets scanned into digital workflow. Sometimes it goes the other way, with digital records emerging from output devices as printed documents like applications or certificates. Document information easily flows back and forth between the two realms, and that makes reliable security measures all the more difficult.

One place to start a document security plan is with the device nodes at the intersection between paper and digital information. These can be the smart phones that photograph documents, scanners that ingest completed paperwork, or digital printers that output hardcopy information.

Humans and Their Documents

A common factor across these smart devices are the people who request, create and use the documents. The human factor often gets overlooked, and as a result, employees an be a  company’s biggest threat. “Employees and negligence are the leading cause of security incidents, but remain the least reported issue,” according to a study by the Ponemon Institute. The research found that the human factor accounts for 35 percent of data breaches. If you haven’t taken steps to reduce the security gap in your document domain, the answer may lie in your Managed Print Services (MPS) program.

MPS Brings Experience to Document Security

If your organization has MPS, start by talking about security with your MPS provider. MPS professionals have experience with securing the content that passes through connected output devices. These smart, networked peripherals have IP addresses and hard drives that accept, deliver and store data, making them vulnerable points indeed. Print jobs can contain sensitive information such as credit card numbers, social security numbers and confidential employee records, to name just a few examples.

Advanced MPS providers who manage connected print devices for customers already address the security issue for output devices. For example, with Xerox Secure Print Manager Suite, a user can be required to swipe a badge to access the printer and release their jobs from a secure print queue. With Xerox Secure Print, users assign a password or PIN to a document as it is sent to the printer, and the document can’t be printed until the user enters the correct password at the printer. Steps like these prevent unauthorized people from seeing confidential information when they come the printer to collect their own output.

Added Security Layers

More advanced MPS providers take document security even deeper. Xerox offers unique ConnectKey® technology that provides extra layers of security software as well as greater visibility for IT staff. Frost & Sullivan awarded Xerox the 2013 Global Frost & Sullivan Award for Excellence in Technology Innovation for the ConnectKey Technology platform, noting “For larger enterprises, Xerox has made ConnectKey compatible with Cisco TrustSec for easy integration with more robust security environments.”

ConnectKey multifunction printers include the Cisco TrustSec® intelligent access control solution. With minimal effort, Cisco TrustSec mitigates security risks by providing comprehensive visibility into devices connected across your network.

Whitelisting Document Applications, Files and Code

MacAfee whitelisting is another ConnectKey security feature, making Xerox the first to offer this technology for multifunction printers (MFPs). This ensures that only approved and predefined applications, files and code will run on Xerox MFPs. The MFPs also detect and prevent unauthorized access and send alerts when someone attempts this.

The security of your document domain can’t be taken for granted anymore, but the networked imaging systems in your enterprise can become your allies. Advanced MPS providers understand the challenges of protecting document workflow and can offer advice and solutions to reduce risk in your infrastructure and workflows. We can also learn from the headlines of 2014, starting with this article, “6 Things We Learned From This Year’s Security Breaches.”

Related Posts

One Comment

  1. Kevin Couch January 21, 2015 -

    Great article!

Comments are closed.