by Kevin Kern
Information security – the elephant in the room for many companies, is a constant concern, especially when it comes to securing printer infrastructure. With threats of hacks, cyber attacks, ransomware and more plaguing the media day after day, and a host of technology providers launching advertisements on imminent risks, it’s no wonder people are concerned.
In many IT assessments, it is not uncommon to find missing patches, uninstalled updates, open ports, etc. – none of which is truly surprising given the rapid speed at which IT is evolving. This is something we need to keep an even sharper eye on as billions of Internet of Things (IoT) sensors fuse data of all types to customer data – engineering data, analytics, etc. – opening the door for greater vulnerability.
In all fairness, information security is not just an IT issue; it is an organizational issue. Securing networks and devices is only one part of creating a secure infrastructure. The other key component, and perhaps the more important one, is the human factor. As work-from-home, agile workspace, and bring-your-own-device (BYOD) policies become more popular, the need for more rigor around data protection is greater than ever.
Employers and employees alike must be mindful of the data they carry on a daily basis, because, let’s face it, we’ve all lost or misplaced a USB drive, paper work with important personally identifiable information (PII), or even a laptop – all of which weaken security and enhance risk vulnerability.
So what can you do to secure your business? A great first step is through employee education. A good example of this is a service that sends emails to a client’s employees mimicking a phishing email. If an associate clicks a “bad” link, they are redirected to an online training helping them understand why the email was suspicious and how to avoid opening risk via a simple click. And, make no mistake, all levels are susceptible – even the CEO. In fact, senior executives are often the main target among hackers. It’s called executive whaling, and rightfully so since hackers aren’t “phishing” for the small trout, but rather the big Kahuna.
Despite the seemingly abstract, vast and unwieldy nature of data security, there are some easy ways to better ensure a secure IT infrastructure:
- Keep your network, firewall, etc., up to date.
- Develop and enforce a BYOD policy.
- Investigate ECM technology as a means of storing documents (say goodbye to file cabinets and banker boxes as much as possible).
- Enable access audits and security features on network printers/MFPs, helping you identify who prints/scans documents.
- When an employee leaves your company, check assigned laptops and other network-enabled devices to ensure data integrity.
- Consider integrating building access technology to network and device access systems.
- Use intelligent security cameras to identify anomalies in external activity.
- Disable all unwanted ports and protocols on any network connected device.
- Encrypt hard drives on ALL devices.
- Encrypt all communication between network attached devicesard Drives on ALLlutions under evice.
Information security is a challenge, but not impossible. IT personnel, executive leadership and all employees must work together to ensure a secure IT ecosystem to help minimize risk in our hyper-connected world.
Want to measure your organization’s risk? we’re pleased to offer an easy six-question quiz. Click here to take an easy six-question quiz.