Device security in the modern workplace

Working environments today are full of potential security issues.

Download the report

Protect your office against IOT vulnerabilities

Find out how Canon can support you to achieve a safer connected office and guard against internal and external security threats

Download report

Security team

Where are the threats coming from?

It’s a misconception that all data breaches are perpetrated by criminals who manage somehow to sneak into your office workplace and use highly advanced hacking skills to steal your data. The reality however is that most data loss occurs from insider threats, i.e. a malicious threat to an organisation that comes from the people within it, such as employees, former employees, contractors or business associates, who’ve inside information concerning its security practices, data and computer systems. Businesses need to protect their data from both internal and external attack, from malicious attacks and thoughtless user behaviours.

Technology innovations are making the office workplace ever more porous for data, not less. With Gartner estimating over 20 billion things will be connected globally by 2020, the job of data protection isn’t set to get any easier. With more smart devices in the office than ever before, from cloud-connected printers to email enabled smartwatches, the number of touchpoints potentially vulnerable to attack is increasing at a rapid rate.

Hard copy data being shared

Perform the 6-step office equipment security ‘acid test’

Ultimately, the safest networked device is one that is powered off but while this might mean that the CISO is able to sleep easy at night, it’s unlikely to result in business success. All networked office equipment holds some level of data security risk but the obvious high-threat areas are easily checked for. The key for businesses is to find the level of risk that they’re comfortable with and this will vary for every organisation. Our simple list of secure data management questions should help you on your way to infosecurity best practise. The more ‘yes’ answers you give, the higher the risk to data.

1. Can devices be used without requiring any form of authentication?

If you can, it means others could potentially access your network. The level of authentication expected of a device; print or otherwise; will depend on your security profile, but as a bare minimum, users should have their own unique pin-code, password or encrypted RFID card. Some businesses will prefer to adopt multiple methods of authentication to increase their data security posture, but more intrusive processes can lead to user frustrations and impact productivity. All users and administrators should have their access to devices suitably governed by permissions and entitlements.

2. Are networked devices shared by users?

All connected devices are conduits of information and as such are vulnerable to breach. Take the office printer for example; the best way to protect print jobs from falling into the wrong hands, is to adopt pull-printing (i.e. the ability to release their private print jobs only when present at the device). Without authentication, access to pull-printing functionality isn’t available to users meaning the documents they send for printing from their desktop will be exposed to security threats until they reach the target print device, which may be out of sight. This scenario could lead to sensitive information being left, unmonitored, on a printer waiting to be picked up by anyone who happens to walk past – whether they’re authorised to see the information contained within the document or not.

3. Do devices have access to the internet?

Many modern multi-functional office devices do require open port access to the internet for purposes of preventative maintenance, cloud services integration and file sharing. As such they represent a potential security threat unless regulated.

Security team whiteboard session

4. Do devices house hard-disks?

As with many networked devices, your office print devices may contain a hard-disk (most large multi-functionals do) and it’s likely the device will be storing print jobs, either temporarily or permanently onboard. If that’s the case, there’s no telling what could be on the hard-disk. It makes sense to install safeguards like auto-removal of data as part of the print process, or if this level of functionality isn’t available, to at least ensure that devices leaving their location (typically as the result of an office move or at the end of the device’s life) are cleansed of any data.

5. Do devices offer WiFi, USB or mobile access?

In general terms, the more connectivity options you have enabled on a device, the more ways an attacker could potentially access the device and the local area network resources it connects to.

6. How encrypted is your printed data?

One might presume these days, that any network data or temporary data created as the result of a process like printing will be encrypted to prevent third parties from intercepting content. Regrettably, that’s not always the case. It’s worthwhile performing a simple check to make sure printed data is always secured by encryption when in transit, when held in print spools or temporary memory storage, or indeed when print jobs are retained on hard disks.

What next?

Now that you’ve reviewed our data protection and security requirements, how does your office stack up? Are you compliant with data security best practises or is there still work to be done?.

Don't become another cybercrime statistic. Find out how you can protect your IoT-connected office with our report on workplace security

Related solutions

Explore Further

Discover how Canon can help safeguard your office