Improving data security is always an excellent New Year’s resolution – especially in a technology and data-driven industry like print. By the way, if you are in print and your business is not data-driven, you may not be around to see another new year.
We kicked off 2018 with a post and white paper on Building End-to-End Data Security into Inkjet. At that time, we cited huge increases in the number of data breaches from 2016 to 2017. According to the Ponemon Institute, the trend continued into 2018 with increases across a range of breach-related measures.
- The average total cost rose from $3.62 to $3.86 million
- The average (per capita) cost for each lost record rose from $141 to $148
- The average size of the data breaches in this research increased by 2.2 percent
One of the other key findings in the latest Ponemon report related to breaches related to use of “Internet of Things” (IoT) devices. The report states that the extensive use of IoT devices can increase the cost of a breach by $5 per compromised record taking the 2018 average from $148 per record to $153 per record.
What is The Internet of Things (IoT)?
IoT refers to non-standard computing devices that have the ability to transmit data and are most often connected wirelessly to a network or directly to the Internet. Common examples include thermostats, home appliances, security cameras and, wait for it…printers.
Generally, when researchers refer to printers in the context of IoT they are talking about home desktop printers or departmental printers in offices. However, more and more, production printers are becoming Internet-enabled. The device may be wirelessly connected to a network, the operator console may be managed through a wirelessly connected tablet device, or cameras or other quality control technology may be communicating wirelessly with the device. In some cases, the access may be unintentional due to use of incorrect settings when installing a server.
As described in our previous post, Inkjet environments are particularly vulnerable during the installation and testing phase. Some new inkjet users may also be new to the “data-driven” capabilities that inkjet enables. Even when familiar with data and security requirements, it’s easy to get settings wrong or understand how security on one device impacts security settings on another.
EFI, which is hosting their EFI Connect event this week in Las Vegas, offers an in-depth white paper on securing their servers. It is a great resource covering hardware, network security, access control, operating system, and data security. However, they still add: “As always, we still recommend that end users combine Fiery security features with other safeguards, such as secure password and strong physical security procedures, to achieve overall system security.“ In a connected environment, end-to-end security is required. With IoT, sometimes it is hard to know where the “ends” are.
A 2017 report from Aberdeen on End-Point Security stated that according to “Aberdeen’s simple analysis… in a typical endpoint infrastructure with 1,000 users, there are between 50K and 480K changes (e.g., patches, updates, configuration changes, installations, de-installations) made — or potentially made — in any given month, with a median of 250K.” Are your production printers attached to that kind of network? Do you know?
With the complexity of IoT networks expanding and the cost and frequency of breaches climbing, printers must take advantage of every resource to protect their security and their reputations. The advice provided in our 2018 white paper Building End-to-End Data Security into Inkjet Print Operations, commissioned by Crawford Technologies is still highly relevant. We highly recommend the use of automated redaction and scrambling tools to protect customer data and enable working through the inkjet installation process and any post-installation trouble shooting in a secure manner.
Securing print is a big topic and we will continue to make you aware of new resources and approaches as the market changes. We wish you a safe and successful 2019.