4 ways to avoid data risk from printing
- By Dan Waldinger
- Nov 22, 2016
Government agencies at the local, state and federal levels are tasked with maintaining the public’s trust. Accordingly, one area that has come under greater scrutiny in recent years is how the public sector manages and protects the personal information of citizens. Every government agency at every level houses sensitive data that could be exposed if mismanaged.
Citizens visit government offices for any number of purposes, such as applying for public aid, paying taxes, requesting a building permit, etc. In doing so, they are often required to present items that contain sensitive data:
- Utility bills to verify permanent addresses
- Income tax returns to determine aid eligibility
- Social Security numbers to prove citizenship
- Drivers licenses for official identification
In many cases, any or all of these documents are either copied or scanned into a digital environment. Once this sensitive data has been reproduced, what measures are in place to ensure that it isn’t compromised?
Something as simple as leaving an original document on a copier or accidentally scanning sensitive data to the wrong folder can be disastrous. While misuse of a multifunction printing device may not be the most imminent threat to potential data loss, there are certainly steps public entities can take to drastically reduce the risk of data exposure.
1. Create and enforce data reproduction policies. For decades, the public sector has traditionally operated in a paper-intensive environment; however, electronic data, including scanned physical documents and original scans are now widely used. Assessing how documents are reproduced -- and by whom -- will help agencies develop best practices specific to each office. Once policies are created, employees should complete data management training, and clear penalties for non-compliance should be enforced.
2. Conduct risk assessments. Once policies and procedures are in place, a thorough risk assessment must be conducted. Such an undertaking should include an inventory of assets -- such as scanners, printers, fax machines and copiers -- to identify each piece of equipment’s breach potential. Related software should also be evaluated to minimize the likelihood of a data breach. Risk assessments should occur annually, and whenever assets are replaced.
3. Invest in the right technology. Today’s data reproduction solutions include features such as network scanning, scanning to remote hosts or network folders, Wi-Fi connectivity and mobile capabilities. Printing and scanning solutions with features that don’t have the functionality to address a specific office’s needs could put the data at risk, while machines that have an abundance of unnecessary features are a waste of money -- financed by taxpayers.
4. Maintain data hygiene. Ensuring the integrity of paper records and files is easier with user-friendly, compliant software and equipment. Knowledgeable solution providers can help agencies integrate the technology necessary to ensure equipment and processes protect citizen data. Some examples of this include:
- Locking individual machine functions by user (specifically features such as print, copy, scan, fax send, fax receive and PC fax).
- Allowing users to delay the printing of remote print jobs until they enter a password or swipe a card when standing at the machine’s control panel.
- Securing data as soon as it is scanned.
- Ensuring that all faxes are received into memory and cannot be printed without a password.
- Supporting face-down printing and faxing, which guards against inadvertent unauthorized document viewing.
- Bypassing hard-copy printouts by using PC-to-fax or e-fax functions.
- Deploying fax forwarding to improve efficiency and reduce potential data breaches related to fax printouts.
The key principle of secure document transmission is the minimization of exposure of sensitive data to anyone but the personnel who have a “need to know.” The end result is a more efficient use of copiers and printers and assurance that the data that citizens trust an organization with is used only for its intended purposes.
Dan Waldinger is director of marketing for solutions and services at Brother International.