The world runs on data. Banks, schools, hospitals, governments and business – all of these organizations collect and use data on a regular basis. The types of information they collect and how they collect it varies, but there are precautions you can take to ensure any information you share is secure. Data security is a concern that touches virtually every aspect of our lives, so in this guide we’re looking at everything from data protection laws to encryption, and what security means in a managed print services (MPS) context.
What is data security?
Data security refers to the measures used to prevent unauthorized access to computers, databases and websites. Sometimes referred to as data privacy or cyber security, data security is the ability for organizations to protect their information and determine what and how it can be shared with others. It’s an essential component of information technology (IT) for organizations of every size and type, and those without security measures leave their data open to unauthorized access in the form of data breaches or cyberattacks.
Data security around the world
Many countries have data protection legislation that outlines the rights and responsibilities of both individuals and organizations to share, collect, store, transmit and use data. The difficulty in enforcing these laws lies in how regionalized they are – most countries institute their own data protection laws and the content of the legislation can vary significantly from one country to the next. For example, the United States had 20 sector-specific national data privacy and security laws and there are hundreds more at the state level. California alone has more than 25 state laws for data protection.
The data security landscape is equally complicated in Europe. Although European Union (EU) member states have implemented the EU Data Protection Directive (95/46/EC) as part of their respective national legislation, it’s important to note that each country has implemented these laws differently. Some countries have independent legislation with further data protection guidelines, but on May 25, 2018, the European Commission’s General Data Protection Regulation (GDPR) will take effect. It includes some of the most stringent data protection laws in the world, but there are more than 30 areas in the legislation where EU member states are permitted to legislate their domestic laws differently, resulting in varied data protection laws across Europe.
Who is responsible for data security?
Data security starts with you – it’s ultimately up to you to decide what information you share with others. But today, everything from social media to online shopping involves the exchange of data, so it’s up to the organizations and businesses you share data with to ensure that information is secure. Whenever you provide data to a third party, you should be aware of the security measures in place to protect your information.
Managed print security
Let’s look at managed print services as an example. MPS is the proactive management of an organization’s print devices. Print management solutions like PrintFleet Vision® use data collection agents (DCAs) installed at the end user’s location to securely collect and transmit print data via SNMP. Virtually all MPS providers use encryption and HTTPS access to ensure this device data is secure.
The onus isn’t entirely on MPS providers to ensure data is secure, though. Businesses at every level of the imaging industry are responsible for ensuring print data is securely collected, transmitted and stored.
- MPS software companies: Any business that deals with data is expected to comply with applicable data protection laws. Most legislation refers to the protection of personal data but print management applications like DCAs typically only collect device data. DCA Pulse, for example, does not collect any print job or user data, which means compliance with legislation like Sarbanes-Oxley is not affected by the use of PrintFleet If you’re not sure which legislation applies to you, your customers or your vendors, here’s a map of data protection laws around the world.
- Resellers: Service providers like resellers and dealers should educate their customers on the seriousness of data security and provide documentation on best practices to ensure their customers are taking the necessary steps to protect their data.
- End users: All customers should do their due diligence when choosing a service provider to ensure they’re aware of what information is being collected, how it’s collected and how it’s being used.
How can you ensure your print environment is secure?
Individuals and organizations can ensure their data is secure at the device level by implementing print hygiene practices such as secure print. User authentication, which requires users to physically enter a PIN number at the device to complete print job, can ensure that documents are released to the correct people and no sensitive information is left on the printer.
Another step you can take to improve device security is installing the latest firmware on all of your devices. Computers may seem like a more immediate threat, but networked printers that appear benign are essentially mini-computers that attackers can use to access the network. You should treat printers like any other device on your network and take the necessary measure to ensure they’re secure, including updating the firmware.
When it comes to data security outside of your network, ensure that any sites you’re using—particularly if you’re sharing information—have an SSL certificate. How can you tell if the website you’re using has one? The left corner of your address bar should display a small padlock symbol and the web address should begin with https://. The ‘S’ in HTTPS stands for ‘Secure’ and means that communications between your browser and the website are encrypted.
Check out Data Security and MPS for additional insight into data security and what that means in a managed print context!
Here are some additional posts for more information on data security: