Why Printing Is An Important Part of GDPR Data Security

The EU General Data Protection Regulation (GDPR) comes into effect on May 25^th, 2018 and will change how organizations approach print security.

Multifunction printers (MFPs) and networked printers are often overlooked when it comes to enterprise IT security.

Yet, these devices are capable of store and processing data and have the same security vulnerabilities as any other networked endpoint.

With almost two thirds of organizations having experienced a printer related data breach, organizations cannot afford to overlook their printer security any longer.

The large fines to be imposed due to non-compliance of GDPR regulations as a result of unsecured printers is even more incentive to properly secure printing processes.

What is GDPR?

Beginning on May 25^th, 2018, any organization that has or processes personally identifiable information of EU citizens must have strict security measures in place to adhere to GDPR.

Even though GDPR is an EU regulation, any organization, whether based in the EU or not, that conducts business and handles personally identifiable information about EU individuals is required to comply.

GDPR sets out the measures organizations must take to protect personal data.

The focus of GDPR is to hold organizations accountable and requires that organizations demonstrate that they have taken steps and actions to protect personal data appropriately.

Securing your Print Environment

GDPR encourages organizations to establish, implement and revise security measures in response to the ever-changing cyber-threat landscape.

Measures enforced by GDPR requires organizations to protect personal data from unauthorized use and accidental theft or breach.

Organizations need to be able to demonstrate absolute control over information security to follow GDPR, however, with many organizations still relying on printing to support business processes, they must consider protection of networked printers and MFPs.

MFPs today go way beyond just printing and copying – they are able to capture, route, and store information. Just like any other endpoint, MFP’s have many points of vulnerability.

Today an MFP essentially functions as an IoT device, and if left unsecured, it basically an open door to the corporate network.

Without controls in place, information both in transit or stored on the printer can be accessed.

Minimizing GDPR Data Security Risks

The bottom line is that MFPs need to be a part of the overall security strategy and need to be protected at all levels – device, document, and user.

The problem is that many believe existing technologies will protect them, but this doesn’t consider all the latest threats.

Organizations also operate a large mixed fleet of devices, old and new, which can leave many holes in the system.

Given the complexity of the print environment, especially those with a diverse fleet, organizations should look to third party vendors to address printer security.

Vendors should be print vendor agnostic, environmentally agnostic, and offer security solutions, encryption, reporting, and monitoring.

Learn about securing your printing with our free white paper on how to Achieve a Secure Print Infrastructure

When looking for a print security solution, look for services that offer:

Security Audit

A full security audit should be conducted of the print infrastructure to identify any gaps.

This audit should also be part of the overall security strategy and be conducted internally regularly.

Performing an audit can ensure the correct security recommendations are made and no potential risk goes unaddressed.

Monitoring

Ongoing monitoring can help and ensure devices are being used appropriately according to organizational policies and will also help detect any data breaches.

Monitoring systems will help organizations detect and respond to data breaches faster, which is key to GDPR compliance.

Reporting

GDPR data security requires consistent and constant reporting, which can be addressed by print reporting features included in print vendor solution.

Reporting will indicate non-compliant behavior and any gaps in controls to be addressed.

Are You GDPR Ready?

GDPR serves as an important reminder that organizations should be proactive in their approach to security.

With the deadline approaching on May 25^th, organizations need to act quick to understand and implement measures. While printing remains an important business process, print security needs to be addressed as part of GDPR compliance and organizations need to understand how to secure their print infrastructure.

Learn more about securing your printing by downloading our free white paper on Achieving a Secure Print Infrastructure below!