10 steps that will prevent your printer from bankrupting your business (MOTW26)
29 June 2018
GDPR went into full effect at the end of May, and our own Protection of Private Information Act (POPI) will go live by the end of this year.
Getting your organisation compliant with both sets of regulations is in your best interests, as non-compliance carries stiff penalties like fines that could potentially bankrupt your organisation.
That the POPI go-live date is still a way off doesn’t mean that organisations should not already be starting the process of complying.
Printers are a point of vulnerability that could potentially see you in breach of both sets of regulations, so here are ten tips that will help you lock them down and mitigate your GDPR and POPI-related risks.
- Ensure documents can’t be scanned or copied to uncontrolled destinations.
- Do not leave documents on the output tray.
- Ensure printer operating systems and firmware are patched to their latest versions.
- Secure all ports and protocols.
- Scan your devices regularly for security vulnerabilities.
- Secure the network connection to each printer.
- Do not connect to offsite locations - like cloud destinations – unnecessarily
- Secure all storage devices from unauthorised access.
- Ensure staff are informed about the risks of leaving sensitive documents unattended on their desks.
- Lock down all printer control panels so that only authorised personnel can use them.
Follow these, and your organisation will be closer to both GDPR and POPI compliance, and at a far less risk of a bankruptcy-causing infraction.
What is disconcerting is how easy it is to breach both GDPR and POPI’s rules with printers, as they remain a point of vulnerability for any organisation that uses them. Factors like age, out-of-date firmware or operating systems, open ports, storage accessibility, and even the human factor leave them wide open to data theft, which is what this legislation seeks to contain.
And while these issues already have solutions, the fact remains that often they are not implemented or are simply overlooked, leading to non-compliance. Did you know that under GDPR, organisations could possibly be fined for merely owning un-secured printers, and since the fines aren’t small, it’s in everyone’s interest to get compliant, and fast.
At KYOCERA, we’re not unaware of these issues, and have put measures in place to help organisations ensure their printers won’t land them in hot water. We’ve long been prepared for both GDPR and POPI, so get in touch if you need some help getting compliance strategies going for your clients.
Software Product Manager
KYOCERA Document Solutions South Africa