1 / 21

Imaging and printing security best practices

Imaging and printing security best practices . Steve Andrews GSLC, CHP, CSCS, CDIA+ Solution Consultant, HP. Objectives and agenda . Objectives Understand potential security and exposure risks, and learn how HP solutions can help you proactively protect your organization Agenda

cricket
Download Presentation

Imaging and printing security best practices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Imaging and printing securitybest practices Steve AndrewsGSLC, CHP, CSCS, CDIA+ Solution Consultant, HP

  2. Objectives and agenda • Objectives • Understand potential security and exposure risks, and learn how HP solutions can help you proactively protect your organization • Agenda • Why be concerned about imaging and printing security? • Security threats, risks and vulnerabilities • Compliance and privacy concerns • How to secure your imaging and printing environment HP Confidential

  3. Over 20,000 compliance regulations exist worldwide Which ones impact your Organization? HP Confidential 3 3

  4. Why be concerned about imaging and printing security?

  5. The cost of poor imaging and printing security Anonymous  Authorized printing Authorized Anonymous • Security breaches account for $59B in proprietary and intellectual property loss each year by U.S. companies* • 70% committed by unauthorized employees** • 95% result in financial losses** *American Society for Industrial Security (ASIS), US Chamber of Commerce, Price Waterhouse Coopers; **CSI/FBI Security Study, 2003 HP Confidential

  6. Security TREND • Explosion of security regulations, complexity • Data breaches growing, and very costly • IT security spending continues to grow even in today’s economy “Average cost per incident in 2008 was $6.65 million last year, up from $6.3 million in 2007.” —Ponemon Institute Fourth Annual US Cost of Data Breach Study January 2009 “Deliberate actions of current and former employees are a primary threat to proprietary information.” —American Society for Industrial Security Trends in Proprietary Information Loss Survey 2007 “In normal times, Gartner suggests that enterprises spend 3% to 6% of their IT budgets on security. In 2009, spending may actually rise to 8% of reduced IT budgets” — Gartner, March 2009 2009 Update: What Organizations Are Spending on IT Security 6 6 6 HP Confidential

  7. We know you’re concerned about security • Multi-function printers (MFPs) are intelligent devices—much like connecting a server or computer to the network • Confidential information can be “hijacked” • In printer output trays • On the network • Inside printers and MFPs • Financial loss can be significant • Compliance violations • Theft of proprietary information • Damage to company image • Legal fees Imaging and printing security needs to be a partof your overall IT security and compliance strategy HP Confidential

  8. HP Confidential

  9. Output privacy HP Confidential

  10. Output privacy • Problem: uncollected documents • Confidential information accessible • George Clooney’s medical records (HIPAA) • Major financial institution: upcoming IPO information; $7M profit • “Print and sprint:” leaving without picking up a printed document • Documents accidentally/deliberately taken: reprinting • Waste: customers are seeing 10-15% cost savings by using HP Pull Printing solutions HP Confidential

  11. Unauthorized access HP Confidential

  12. Unauthorized access • Problem: walkup access • Impersonation: digital sending and faxing • Device configuration changes • No audit trail for compliance • Problem: network access • Device configuration changes • Print 100 copies instead of 1 • Send messages to front panel display: K–12 school kids • Unauthorized firmware upgrades HP Confidential

  13. Network security HP Confidential

  14. Network security • Fact: most companies do not encrypt the traffic on their internal networks • Problem: network traffic is susceptible to sniffing and/or redirection • Print spool files are sent “in the clear” • Digital send/scan files are sent “in the clear” • Network sniffers (e.g. Ethereal) can be readily downloaded from the WWW (Google search) • Man-in-the-middle attacks: data can be easily re-routed to another device • University: students re-routed documents to their PCs HP Confidential

  15. Data at rest HP Confidential

  16. Data at rest: retained information • Fact: data is stored on the hard drive and memoryof all printers and MFPs • Stored jobs • Address books • Temporary spool files • Fonts • Problem: how to protect this data at rest from • Hardware theft: drive or entire device • Refurbishment/redeployment • Network access HP Confidential

  17. Proactive system management HP Confidential

  18. Core Printing and Imaging Management Requirements • Fleet Deployment • remote installation & configuration of unlike devices • Problem Resolution • provide helpdesk with ability to remotely manage & monitor Central Office • Proactive Management • reduce end user downtime with real time status updates of printers • Security • ability to secure devices at various levels • Reporting & Optimization • trend asset utilization over time by users Remote Office HP Confidential

  19. How to secure your imaging and printing environment

  20. The 7 steps • Get control of the fleet • Secure the devices • Authentication • Pull Printing • Encryption • Job-level Tracking • Document Security HP Confidential

  21. Summary Security is everyone’s concern Your technical solutions are only as strong as the policies they support and the procedures built around them To successfully implement security strategies you need to get management to drive them, IT and HR to implement them and staff to understand and respect them. Security is a value add and a business enabler Imaging and printing security must be part of your overall IT security & compliance strategy HP Confidential

More Related