Identity management: MFPs are a multi-functional risk

Most IT decision-makers do not know how many stages an electronic document passes through in their company; however, every time a document is scanned, printed, faxed or sent as email, it can be viewed without authorisation or fall into the wrong hands.

Digital copiers or multifunction peripherals (MFPs) with printing, scanning, copying and faxing function, which are equipped with hard drives, embedded firmware and functionality for communicating with other systems on the network, pose a particular risk. Although these devices facilitate work in the office, they are full of security loopholes.

Security experts at Nuance have therefore put together a series of recommendations to minimise the risks when printing, faxing and scanning. The key measure is to establish rules-based user authentication (which also allows user activities to be traced in case of doubt). Users can then only print documents for which they have rights. Rather than automatically being authorised for all functions, users should also only be given access to the required features. An MFP can transfer tracking information to a database via in-process testing. This makes it easier to determine which device is faulty, which user was authenticated and where the data have been sent.

It is also important that the traffic between MFPs and mobile devices, servers or other target devices is encrypted. This enables companies to ensure that documents are only visible to users with permission. The rules also apply when sending emails, which is then only possible to validated email addresses for example. Finally, a central fax server should replace analogue fax transmission. (Source: Nuance/bs)

Matomo