Many businesses overlook printers when assessing information security. Who can blame them? It doesn’t sound very ‘cutting edge,’ and lapses in printer security don’t make the news – or do they?
The following quote is from Samuel L. Jackson when he was asked where he left his infamous stolen script for next summer’s highly anticipated superhero movie The Avengers:
"I didn’t leave it anywhere. Actually, when they sent it to me, they sent it to me online. My assistant went to print it out, and when he printed it out, he didn’t realize the printer had a memory, so when he brought me my script, the script was still in the printer, so somebody somewhere discovered that this was ‘The Avengers’ script."
(video here: http://www.bbc.co.uk/newsbeat/14404633)
That mistake reportedly has caused Marvel/Disney to shut down the multi-million dollar production and make a few rewrites to the script. So, who is ready to take printer security seriously now?
Document security (it sounds more important when you say it that way, right?) can be broken down into two categories: Output – who has access to paper coming out of the printer – and Data – who can access files. It is important for businesses of any size to understand where vulnerabilities might be hiding in their document paths and address them.
Output Security:
Employees often hit “print” and then get distracted before picking up print jobs. The result can be embarrassing, or even upsetting. Ever walked up to a printer in your office to find that someone has left another print job sitting in the output bin? Maybe directions to a party that night, or a fantasy football roster update, or perhaps confidential personnel files detailing planned layoffs? Often the solution for printing sensitive documents is to provide a personal desktop printer for those users, but that can be costly and difficult to manage at best. Something most users (and some IT staff) don’t know is that many workgroup printers actually come equipped with a feature to help eliminate such embarrassing mishaps while still allowing everyone to print to a cost effective, easily managed, networked printer. Often called “secure print” or “confidential print” (as we call it on the Dell 3330dn and other models), these features enable you to ensure that the printer holds the job in memory until you walk up to the machine, enter a PIN code, and retrieve your document as it is printed. If you never enter the PIN on the front of the printer, it never prints. Best of all, other users can continue to print their documents, even if you take your sweet time retrieving your print job.
Data Security:
Now we get to the part that got Samuel L. Jackson’s assistant in trouble. Many high-end workgroup printers have a gigabyte or more of internal memory – some even have hard drives capable of storing thousands of documents. While this is very useful for companies who want to use a Store Print feature to keep softcopies of forms or letterhead ready to print on demand, it also can be a liability for companies printing sensitive documents. A variety of security features such as authentication, AES encryption, and Disk Erase can ensure that, from the time the print job hits the driver software in your PC through the time it comes out of the printer (say, your Dell 3335dn MFP), the data is encrypted along the entire path and then erased upon job completion. I bet Mr. Jackson’s assistant would like to have known that a few months ago.
These and other simple but effective features are available on a wide variety of popular printer models. For more information on these and other more advanced document security features, you can download our Dell Printer Security white paper. This includes a full list of all available security features on Dell printers and shows which features are available on which models (on pages 6 & 7 of the white paper).
How about you? Do you have any funny (or frightening) stories of document security gone awry in your office?