Cloud-Based Printing Can Help Prevent Paper Document Data Breaches

While cloud-based pull printing should be a key part of every company’s security strategy, many businesses worry about using the cloud because of misplaced security concerns. Ironically, at the same time, they overlook a glaring hole in their information security plans: The office copy machine and the paper documents it churns out.

That’s right — your vital company information can get “hacked” via paper documents.

While we certainly should not dismiss the real and pervasive threats of cybercriminals hacking away at IT infrastructure, for the moment let’s focus on the serious security challenge that unmanaged printing presents to businesses. The good news? There is a way to manage that security challenge via a combination of cloud and edge pull printing

We still print – a lot

For all the talk of declining print volumes, print is far from nonexistent, and therefore the scale of the information security challenge is still considerable. Office workers still print, especially at smaller companies, and a lot of that paper ends up in the circular file — aka, the trash can — at the end of the day. Some of those printed sheets will contain customers’ personally identifiable information (address, financial information, social security numbers, etc.) and be ripe for exploitation.

Unmanaged paper documents equal security risk

Ponemon Institute research shows that the average cost of a data breach in the U.S. is more than $3.9 million. The cost for a single record? $150; each data breach averages nearly 26,000 records.

I wasn’t being a scaremonger when I stated that businesses can be hacked via their paper documents. Too many businesses think of security only as making sure the doors to the building are locked; others are more sophisticated but yet only consider digital security. They forget about the thousands of documents printed out on various printers and copiers around the office.

While most of the major breaches are electronic, there have been a number of security incidents involving paper records. The Department of Health and Human Services found that paper was involved in 61% of smaller breaches specific to HITECH compliance. A report from BakerHostetler showed similar numbers.

There are multiple ways paper documents containing sensitive data can be “hacked”:

  • Improper disposal of documents — throwing documents in the trash rather than shredding them, for example
  • An employee (or third-party contractor) walking away with customer information left in the print output tray
  • Leaving boxes of patient records on the driveway (this actually happened)

Pull printing can help with the first and second issues, common sense and a well-understood security and privacy policy should, hopefully, handle the third issue.

How pull printing improves document security

The pull-printing concept is simple. Rather than clicking “print” on the computer and simply having a document print to the device indicated, after clicking “print” the job is held until released at a printer by the user after authentication. This means no more embarrassing incidents  (HR records on pay, for example) or potential compliance violations (customer data) from documents left in an easily accessed printer’s output tray.

As a further level of security, print jobs can be encrypted from device (laptop, PC, smartphone) to the printer.

Pull printing enhances security in multiple ways:

  1. It provides an audit trail of who printed documents.
  2. Authentication at the device (via PIN or PIC, proximity card reader, smartcards, or biometrics). Dual-factor authentication can be implemented for an additional layer of security.

There’s another benefit to pull printing as impressive as improved security. You’ll be able to track your real print costs and exert control over your entire printing environment to reduce those costs.

Get an edge with pull printing

As mentioned earlier, many businesses continue to worry about cloud-based app security, especially for sensitive information.

While legitimate, those concerns are often overblown. However, there are compliance reasons (in healthcare or finance, for example) and speed reasons (ANY business) why a 100% cloud solution might not work.

In those cases, a combination of cloud and edge computing can be a perfect fit. In brief, the cloud application manages reporting and metadata. Processing remains within a company’s firewall, which means no data is exposed in transit to/from the cloud and processing is generally faster.

It seems ironic that in an increasingly digital world, printing should play a key role in every business’ document security strategy.

Nikolay Velinski is Cloud Services Director, Y Soft North/Latin America. “Niko” is based in Grapevine, Texas and evangelizes Y Soft’s cloud-based solutions to the partner community and to partner’s customers. When he is not talking and laughing, he’s traveling or playing tennis. A veteran in the print industry, Niko is a problem solver who enjoys helping partners expand their businesses.