Document Security: How Secure is Your Document Printing?

Successful MPS companies today know that the digital information they collect is reliable and complete, secure from tampering, managed according to business policies, available to those who need the data, and easily auditable. Business documents and their content propel the decisions and make a record of the transactions that take place in every business. In an age where digital file management is critical to running the business and remaining competitive, managers and workers must ensure that their documents are secure. Electronic data management is more secure than paper based documents, but only when there is a rule-based process that provides the levels of security you need.

Document security can be divided into two parts: the electronic applications and process on the network that interact with devices connected to it and the physical placement and access to devices in the workplace. Both of these areas are complex and may require outside assistance to get the outcomes a business wants. In any case, this article will explore the steps necessary to take to minimize the security breaches and risks for both the network administrator and the operations manager. The focus of this article is for MPS providers and their customers on printing documents securely.

MPS businesses spend a fair amount of time making sure their computers, network devices, and private information are kept secure (it’s the law). However, I have found that one of the most overlooked security problems could be the networked printer and/or copy room. If your company is like most, workers typically congregate around the shared printers or in the copy room. We do this every day. It’s the place where informal employee meetings take place; the main topic – complaining about the boss and company. It’s also the place where petty theft of pens and paper occur, and it’s the hotspot for confidential information lying in piles at the printer waiting for anyone to pick them up. So if you are sharing a printer, your documents, spreadsheets, or anything else you are sending to the printer is vulnerable to someone else’s eyes.

It is amazing to me that many end users and managers do not know that they have a secure print device already. If you are using HP or Xerox printers, secure printing is built in. There is a way from your Office program to delay the print job until you get to the printer to retrieve it. In Word, Excel or any Office document, there is a section in the print dialog box that tells the printer to store your document until you come to the printer to access the print job. The dialog box will ask for a pin number and that pin is used at the printer to print that job while you wait for it. What happens if you forget your pin number? You can’t retrieve the document and neither can anyone else.

Here is how to set this up for both Xerox and HP print devices. This is the general process; your setup may differ slightly.

How to securely print to a Xerox printer:

1. On the file menu, click “Print”
2. Click “Properties”, and then click on “Advanced”
3. Under “Job Type”, select “Secure Print”
4. Enter a 4 digit code (do this twice)
5. Go to the printer and select the “job” and enter your 4 digit code

How to securely print to an HP printer:

1. On the file menu, click “Print”
2. Click “Properties”, and then click on the “Destination” tab
3. Under “Destination” features, select “Job Retention” and then click on “Options”
4. Under “Job Retention Mode”, select “Private Job”
5. Enter your name, assign a name to the print job, and then enter your 4 digit pin code.
6. Go to printer, select job and enter pin code.

By following the above procedures, end-users can print securely. However there are many more threat areas to document security that can penetrate almost any system. So what are the threats and steps to take to minimize document security breaches? Both HP and Microsoft have identified threats (6 and 5 respectively) that can cause great harm to your company. The costs of sensitive documents being exposed such as confidential private information, intellectual property being stolen, and revealed business plans or customer lists are potentially devastating.

HP has identified these principle threats:

• Hard copy theft–Nearly 30% of all printed documents are left at the printer for anyone to take
• Hardware theft–Documents sent to printers and MFPs can be stored for later printing. A stolen hard disk can expose these documents
• Unauthorized changes to settings–If a device’s settings and controls are unprotected, anyone can reroute print jobs and even access vital passwords and network information
• Unauthorized MFP use–MFPs can send fax and e-mail. Anyone with access to your MFP can also send confidential information to any fax number or e-mail address in the world
• Network sniffing–A “network sniffer” can read data traveling between a PC and a printer, exposing the print job, routing addresses and more
There is also theft of a printer or theft of its hard drive that contains all the information printed on that machine. So where devices are sent after its life’s usage is vitally important. The hard drives must be erased or destroyed before sending the printer to some place outside the business’s control.

So to protect the print environment, a company’s strategy must contain methods that will include printing and imaging products, the network, and data passing across the network. The steps to take are within four broad categories of the printing architecture:

1. Protect your Printer
Use a lock that requires a key to remove the lock and the printer
Disable physical ports to prevent unauthorized use
Control access to the device by requiring authentication and authorization for access to device settings and functions. Use pin codes, LDAP, smart cards, and biometric solutions
Remove data disks from retired devices

2. Protect your Information
Authenticate users and protect data before the data prints by using pin codes, LDAP authentication, smart cards, and biometric solutions
Encrypt print jobs to protect data. Use the device’s embedded security (IPSec) to protect information traveling to or from devices
Use encrypted storage if built-in to your device
Remove data by using the device’s built-in capability to overwrite stored data

3. Protect your documents
Use push or pull printing where users can print, authenticate and get their documents when and where they want them
Lock paper trays with sensitive media such as prescriptions or bank checks

4. Monitor and manage your printing environment
MPS solutions can give visibility to the entire printing system
End-user usage, misaligned printers, and document costs are easily revealed
Automated alerts for repairs and supplies
Control access for groups and individuals

It is essential that security becomes an integral part of your company’s security strategy. You need to know your business and what may be attractive to hackers. IT must enforce firewall and content filtering policies. As a Managed Print Services company you should not only be conducting security audits of your own company, but you should be assisting your customers to make sure all printing is secure. Failure to do so can lead to devastating consequences.

Frank Topinka
About the Author
Frank Topinka (Frank.topinka@nprn.net) serves as president of the NPRN and Amy Jaffe (ajaffe@jaffedesign.com) works independently to develop marketing strategies for MPS providers. ou can contact Martin Perry at in2communications for an analysis of your web site and its current activity relative to your competitors. (This analysis is free if you are an NPRN member.)