Pinpointing Weak Links in an Enterprise Security Chain: Helping Companies Battle Data and Content Security Challenges
By Hiro Imamura, SVP and GM, Business Imaging Solutions Group, Canon U.S.A.
There is a pressing need for enterprises to continue to reconsider how they think about cybersecurity in the wake of a mounting magnitude of data and content security breaches impacting companies on a global scale. But in order for organizations to preemptively combat and proactively address potential pitfalls, they must first pinpoint the potential weak links in their security chains. And while most enterprises understand the importance of data and network security, they may not be able to readily identify the problem areas and the necessary steps to take to implement security features and practices in the workplace.
Common shortcomings in an enterprise’s security protocols typically include hardware and software vulnerabilities due to a lack of advanced features, such as access control and usage tracking, as well as plain human error. A recent study conducted by Keypoint Intelligence, the market intelligence firm for the digital imaging industry, cites that even organizations that understand the importance of data security may not be including their MFP devices in their security policies.
"To design and manufacture office products with advanced security features, the process starts early and is continuous"
Copiers and printers are such inherent office fixtures that employees commonly assume that they cannot possibly be a security risk. If businesses do think about controlling printer usage, it may only be as a way to manage the cost of printing. Yet, today’s MFPs play an integral role in the larger, connected landscape and, as such, MFPs should incorporate an array of advanced security features that can help users limit access to sensitive business information. Such features might restrict or allow device functionality based on employees’ roles and responsibilities or even create audit trails for compliance purposes.
A company’s security policies are, in essence, only as strong as their office technology’s security features. Without proper security measures built in to a business’ office technology and practices, there lies potential for even the most diligent employees to engage in the wrongful copying, scanning, creation, and distribution of confidential intellectual property—whether that be accidental or intentional. It is therefore imperative that security measures be incorporated at the product design level of today’s connected office equipment technology that companies rely on daily.
While securing a network is considered an essential link in the enterprise security chain to most IT professionals, it is equally important for a business to think about how its employees will use the connected office equipment, and what types of information will be travelling through the devices on a daily basis.
Implementing an access control strategy for shared office technology helps enterprises keep in line with today’s workplace automation trends, such as Bring Your Own Device (BYOD). As companies increasingly allow today’s workers flexibility, more personal, mobile devices are entering the workforce. This means that confidential company information is not always limited to a company desktop computer, and workers need the flexibility to send sensitive documents to and from copiers, scanners, and printers from their mobile devices while using security features. For example, enterprises could benefit from relying on printers that allow users to send sensitive documents to network printers from desktops and compatible mobile devices, and then only can print the documents when the user is physically standing at the device and authenticates.
Canon, for instance, recently won a BLI PaceSetter Award from Keypoint Intelligence – Buyers Lab (BLI) analysts in the Document Imaging Security category. The analyst house recognized the company for its user authentication schemas in its latest imageRUNNER ADVANCE MFPs and its uniFLOW platform, which provides usage tracking and document-centric data loss prevention.
Today’s connected office technology should come equipped with, or have the ability to be equipped with, an abundance of security features in order to be considered an integral component of the office of the future. Such features include user authentication, usage tracking, device fleet management tools, and centralized network security management settings. But how does a manufacturer ensure that incorporating security features become a fundamental part of the research and development process?
To design and manufacture office products with advanced security features, the process starts early and is continuous. The companies that demonstrate leadership in developing and promoting industry security initiatives are those that can continue that mindset through to product conception. Proper utilization of in-house security resources—as well as help from independent security consultants in the development and testing of today’s connected office equipment—can also help bolster a manufacturer’s mindfulness to security.
To conclude, the first step to helping to enhance an enterprise’s security chain is to identify and combat the potential pitfalls, and to ensure that businesses choose to work with multilayered enterprise security solutions that incorporate a combination of advanced features like user authentication, usage tracking, and document-centric data loss prevention. Such solutions can help safeguard sensitive data stored on and transmitted through devices.