Calling Out the Blind Spots in a Work-From-Home World:
How to Educate Your Employees on Secure At-Home Printing
The great work-from-home (WFH) wave thrust upon us by the global pandemic is here to stay. Now is the time to bring security and normalcy to the varieties of improvised solutions companies have scrambled to create. You’ve probably been resourceful in your deployment, but you may have unwittingly invited vulnerabilities that could be costly to your bottom line and reputation.
WFH Is Here To Stay
Print-From-Home Blind Spots
Business owners should be made aware of three main blind spots when printing from home:
Network Security RisksConnecting unmanaged devices to an organization creates a direct line to their network. Printers can are accessible by a variety of people and are capable of storing data on their hard drives, creating an access point to sensitive information. When users plug in a personal device, they can’t be sure what information the hard drive contains or whether a virus or malware introduced.When a printer/scanner connects to the homeowner's wireless network, they may be creating additional risk. Connecting a device to the Wi-Fi makes it easy for someone to breach and access the printer and any stored documents if firmware or settings are weak.Newer printers/scanners come standard with remote firmware, advanced security, and a hard drive you can wipe clean of existing data. Some even provide enhanced features such as Encrypt Data at Rest or the ability to send threat notifications to event management (SIEM) tools. But even the newer models can pose risks if they are unmanaged. The firmware and software on personal devices are less likely to be updated on a regular schedule than company devices. Unless organizations provide their own company issued machines, maintaining control over which devices in use and how often they are updated will be nearly impossible.
Risks Associated With Improper Document Destruction & DisposalAll companies have information that they want to keep secure from others. Accordingly, organizations require employees to store and dispose of confidential information appropriately. Especially for these employees, printing from home can be a vector for data breaches that can lead to legal, financial, and reputational risk.Limit hard copy storage; it should be scanned and saved in a secure network environment. Organizations should consider requiring employees to retain confidential documents in secure (locked) locations in their homes, such as a locked cabinet or drawer, until they can return to the office to place them in a shred bin.Additionally, when hard copies are no longer needed, employees should not discard the printed materials in their ordinary trash, as they could be picked up by outside parties. Instead, using document shredders to destroy any sensitive information is crucial. Many professionals writing on this topic recommend that their shredder cut the documents into vertical and horizontal confetti-like pieces (crosscut shredding).
Cost ContainmentConsider how difficult it could be to manage the toner and supply costs for an unmanaged device. Employees commonly put expenses on the company card or seek reimbursement. These costs are easy to overlook by the organization but accrue substantial expenditures over time. Additionally, the cost of ink and toner for your standard in-home inkjet printers is much more expensive than that of your standard in-office laser printers, making it difficult for organizations to budget and control printing costs.You should also consider how many small devices don’t have the luxuries, like scanning, that come with your typical office machine, which could create a need for further expenses in the form of a tabletop scanner. Organizations that provide company-issued printer/scanners will have more reliable control over these factors and be able to monitor costs in a much more transparent way.
The Regulatory Environment
Consider what's at stake. A data breach caused by a home printer connecting to a company’s network creates legal and regulatory risk.
A company’s confidential information and trade secrets are a competitive advantage. Protection under state and federal law is subject to reasonable efforts by its owner to maintain its secrecy.
Privacy Laws and Data Protection Laws
Laws vary across the country, but they generally require a business to ensure the security and confidentiality of customer personal information in a manner entirely consistent with industry standards. Meaning they should take precautions to protect customer information against anticipated threats to its security or integrity and protect it against unauthorized access to, or use of, in any way that could result in substantial harm or inconvenience to any consumer.
If your customer operates in a further protected industry (e.g., healthcare), they have even higher privacy requirements. If your customers require a professional license, such as a law license, there are heightened ethical and confidentiality obligations they have to their customers.
Breach of Contract
Organizations that have entered into a non-disclosure agreement that they’ve contracted to protect information can open them to risk and liability if they mishandle that information. Depending on the agreed-upon level of protection, payment of damages to the other party may be a consequence.
Managing the Risk: Deploying a Secure MPS Program in a Print-From-Home Scenario
Smaller home office printer/scanners and proper document disposal equipment may suffice, as well as print monitoring devices that will help you monitor those costs. There are two ways to track usage on volume and consumables; via DCA (Data Collection Agent) and email notification.
DCA Remote Monitoring Solution
A DCA connects directly to the employees’ computers at their remote location, monitoring the home office printer.
There Are Two Ways to Install a DCA:
- You can install a DCA on a corporate server, so when the user connects to VPN, they are connecting to the server.
- You can install a DCA on a Raspberry Pi, a small, credit card-sized monitoring device.
Email Notifications Solution
Your provider can also be notified of supply and end-of-life alerts by email within printer settings. Additionally, your provider will also receive notifications for meter readings and service alerts. A registered destination email address can receive counter information. The above notification capability is dependent on the manufacturer model selectable signals for toner cartridge, imaging unit, maintenance kit, and counters.
The low supply notification is alert based, this means the moment the level drops under a predefined registered level, and the registered destination email receives the information.
The counter information is schedule-based, meaning a specific notification schedule, daily, weekly, or monthly, can be registered to send the notification to the registered destination email.
Prerequisites for the email notification solution to work include:
- The manufacturer model must have the supplies low and counter-notification features.
- The low supplies notification is event-driven, meaning the warning is only triggered once when the toner or ink level drops under the standard set to report the low supplies level.
- The supplies low and counter-notification must exist on each printer.
WFH is here to stay, so consider how you can help your employees do so to capitalize on all the benefits of a remote work scenario while protecting your organization from data vulnerabilities. A secure print from home solution is a crucial aspect of your business continuity plan. Businesses who take their IT security and business continuity earnestly will implement a resolution to protect the print-from-home blind spot.
Interested in learning about the equipment, software, and services necessary to maintain a secure
remote managed print environment?