GDPR legislation is set to highlight print device security as a major issue

The forthcoming introduction of GDPR legislation has once again shone a light on the security (or lack thereof) around print infrastructure. As highlighted in our recent blog about GDPR compliant workplaces, print hardware and devices typically remain the weak link in IT security.

What many people fail to realise is that most office printers have a hard disc and a network connection, just like a computer, and yet they are not afforded the same level of hardware protection. Printers present a back door to otherwise highly secure networks and as devices become more accessible, so the risk increases.

The introduction of Airprint technology and wireless printing can be useful from a user perspective, but it also makes devices more visible and therefore more ‘hackable’. To test the theory, we recently sat in a car outside a serviced office block and scanned to see how many devices we could see. An eye watering 25 network access points (excluding wifi access points) were presented for our selection. Now, we didn’t test the security behind these but our experience suggests that we could probably have hacked up to 50% of these with little or no effort, putting us on networks and able to access other devices or upload malware, trojans or viruses. A dedicated hacker would probably be able to access closer 75% and in far less time than a keen amateur.

With print infrastructure once again moving away from centralised print, back to a more generous scattering of devices around the workplace, the risk to IT security, if not taken seriously, will only increase. However, even secure network devices present a continued data risk if other aspects such as secure document destruction, immediate collection of confidential documents and on demand printing are not taken into consideration.

Securing your print estate is not as difficult or expensive as you may think, especially when compared to the risk:benefit analysis of not doing anything, and so we now recommend this as standard for all our clients. For more information, contact us today.

Are you paying too much for print?  
The title for this should probably read ‘You ARE paying too much for print’ as it is increasingly rare that we come across a company that cannot make savings across their print estate. This is not for the want of trying as most companies understand that the provision and maintenance of devices and consumables is normally a big chunk of their IT spend.

So, in this blog we wanted to share the benefit of our experience in this sector to try and help more of you drive down costs. Some of the ideas below may seem obvious but the small costs soon add up and if you haven’t reviewed your print estate recently, then maybe these five top tips will help guide you:

1. Total cost of ownership – Rule of thumb is that cheap to buy printers cost the most to run. But unlike cars, the more you spend on the capital purchase of a printer, the lower the running costs. This rule is not cast in concrete and there are some 6 litre Rolls Royces out there that cost a bundle on day one and every day thereafter, but by and large we would recommend spending more upfront. So, if you are considering purchasing new devices, run a short exercise to ascertain the total cost of ownership over 3-5 years. Your calculations should include capital cost, ink, drums, volumes, maintenance and power
2. Ink or laser? – Laser every time. Inkjet printers are often inefficient and with inefficiency comes increased cost. Whilst the price for a new cartridge can be low, the number of pages it produces is not on a similar ratio, so your per page cost is higher
3. In a contract? Check your per copy charges, rental charges and duration. Sadly, there remain some unscrupulous providers in our sector and like the insurance market, it is always worth going to market well ahead of your renewal to test the current contract
4. Leasing? – Beware secondary leasing – this is the ongoing lease charge which kicks in after the original period. If you missed it in the small print when you signed up it can come as a nasty and costly surprise. You can normally avoid secondary leasing by giving notice before the end of the initial period
5. Centralised or decentralised? – We’re writing a longer blog on this very subject at the moment as things have swung back towards decentralised print having previously gone the other way. However, regardless of the pros and cons for one of the other, the simple fact remains, fewer machines will cost you less. If you introduce smart print management software then you can make it work without inconveniencing anyone.

There are plenty of unique criteria that may only apply to you and so if you need some more bespoke advice and support around efficiencies and cost reductions please let us know.

GDPR Compliant Workplaces

We’re used to hearing horror stories of laptops and USB keys going missing stacked full of data, or websites being hacked to access personal information; but despite spending huge budgets on securing electronic data, most companies still fall foul of new data protection regulations due to hard copy material.

GDPR (General Data Protection Regulation), which comes into force in May 2018, has once again shone a light on the subject of data protection and will introduce far reaching conditions on holders of data to ensure they are doing all they can to protect it. But walking around most offices, many have overlooked some of the most obvious breaches.

Working with clients to introduce print efficiencies and reduce costs, we spend a lot of time around printers, scanners and other networked devices that hold and generate significant amounts of data. Whilst most workstations are secured, it is amazing how few devices, such as printers, are not.

Printers are, to all intents and purposes, PC’s and if they are not protected can provide the same level of access to your network and data (as demonstrated in this HP video). Furthermore, incorrectly configured print management systems can result in secure and confidential documents/data popping up on machines around the building and not always in the right places. Not a problem if you remember to pick them up immediately, but how many times do we forget, leaving the content on display for anyone looking?

In the last 20 years, secure destruction of documents has avoided personal data ending up in freely accessible bins or blowing down the street, but these bags of documents are a data dream, all neatly packed together in a handy bag that can be picked up and taken away. How easy is that? By putting documents in these bags, we get a false sense of security, but actually all we are doing is creating a nucleus of data.
So, as we help clients prepare for the introduction of GDPR, one of the first things we do is a walkaround of their premises to point out these seemingly obvious issues. You’d be surprised how many organisations with highly secure, locked down IT processes are undermined by the simplest things.