Is Your Office Equipment Storing Sensitive Information?
Today's corporate printers run much like a computer and are often multifunctional; they can not only print, but also copy, scan, email, and fax. These printers contain hard drives that help manage large print jobs and store forms, fonts, macros, and images. It's the last part that should be somewhat alarming. If an organization owns a printer with a hard drive, it may currently be saving sensitive and confidential images to its memory. They have the ability to store images on a continuous loop and depending on the capacity, could be indefinitely, or until the memory is physically erased. Fax machines and personal home printers do not usually have drives, so the security risk is essentially non-existent.
The three most common solutions to eliminating the risk of a printer hard drive security breach are 1) set the printer setting to not use the drive at all; 2) use encryption software or an overwriting program; or 3) remove the drive and wipe it clean or destroy it. By not using the hard drive at all, the printer only uses temporary files that disappear after each task is completed.
Encryption software scrambles the images so that if the hard drive is stolen, the information on it can not be retrieved. Overwriting software replaces existing data with random characters, again rendering the information on the drive useless. It's important to note that encryption software and overwriting programs can be installed at any time during the printer's lifecycle.
If you plan on wiping the hard drive clean, be sure to securely erase ALL the information. Personally, smashing a hard drive with a hammer sounds fun or maybe you can host your own episode of "Will it Blend?" Business consumers also have the option to specify hard drive removal terms into the service contract or lease agreement. One viable option is to purchase the original Equipment Manufacturer (OEM) at the end of the lease. Another is to have the OEM provide a certificate of destruction, guaranteeing that the drive has been properly destroyed. If you own the printer and plan on selling or donating it, consult your IT Department or the OEM first before removing the hard drive.
A printer hard drive security breach is 100% preventable and should not be taken lightly, particularly in the healthcare, education, and financial market segments. If a patient's medical records, or employee's bank account information and social security numbers fall into the wrong hands, it could be detrimental to all parties involved. It's always better to be safe than sorry, especially in this day and age where security breaches are no longer the exception, but the norm.
Do you have any security tips to share with our readers? Feel free to leave a comment.