A common challenge small to mid-sized organizations have faced in recent years is properly identifying and addressing security threats to their organization. Typically these can be addressed in a few ways. The first is on the individual employee level to ensure that malicious threats don’t stem from unintentional employee negligence, this can include installing security software for each user, holding security training sessions, creating procedures, and employing multi-factor authentication to prevent breaches that can spread quickly across the office. The second is through creating organizational blocks to keep these threats from getting to individuals in the first place, which could be through maintaining secure servers and networks or migrating data to the Cloud, having strict firewalls in place, and other activities typically managed by the IT team.
Unfortunately, something that is often overlooked as a potential security threat are copiers and printers. Even basic desktop printers can be the entry point for a security breach that can quickly evolve into a huge threat for your organization.
PiF’s copier partner, Ricoh, has consistently been a leader in security and ensures that every device they produce is secure with the most up-to-date features. They take a layered approach to protection, ensuring that every step of your copy and print process is secured.
How are your devices vulnerable?
Malicious access via networks
A cyber attack (i.e. malware, ransomware, leaked passwords, etc.) isn’t limited just laptops, computers, and servers, it can affect your copiers and printers as well
The tapping into and alteration of information over the network
An unsecure network can give hackers access to anything and everything
Information leaks from HDD storage media
When sensitive information is stored on an unsecured device, malicious actors can capture and take advantage of that data
Unauthorized access via a device’s operation panel
Someone happens to get into your office building and accesses a device’s operation panel, gaining access to documents in the queue and stored information
Break-ins through hacked fax or telephone lines
An unmonitored fax machine can be an easy entry point for malicious actors looking to steal vulnerable company information
Information leaks via missing or stolen hardcopies of documents
Messy desks are more than just a nuisance, important documents can go missing or worse, be stolen
Security policy breaches due to carelessness or lack of policy
Picture this: a well-meaning employee sends their password to someone they think is IT, but is in fact a hacker and puts the entire organization at risk.
Ricoh's Approach to Security
Layer One: Security at the Device level
Security begins with more than just additional software, it’s built right into Ricoh’s hardware. Features including a device’s firmware, hard disk drive, non-volatile memory, open network ports and system of authentication can help protect multifunction devices and laser printers from potential compromise. Ricoh has also obtained certification for a wide range of their products based on ISO/IEC 15408 Common Criteria, HCD PP v1.0 Hardcopy Device Protection Profile and IEEE 2600.2 Hardcopy Device Protection Profile. What does that mean? Devices undergoing these certifications have their security functions tested by independent third-party government-licensed laboratories to ensure security features perform correctly and conform to standards set by both government and industry. While many other manufacturers talk about security, Ricoh lives it.
Layer Two: A Secure User interface
Your device’s Smart Operation Panel is a point of entry for malicious actors, but with the right protections it can be an additional layer of security for your important data. There are two key ways Ricoh’s Smart Operation Panel, which uses a Ricoh-only operating system, promotes a secure environment.
The first of which is not installing any unnecessary components, this keeps the OS running smoothly and not bogged-down by buggy third party applications. Root access, the ability to alter or replace system applications and settings, is not available. Any embedded applications must pass Ricoh compatibility testing before they can run on the Smart Operation Panel, this prevents any security gaps coming up due to incompatibility.
The second component is through the user interface of the Smart Operation Panel. Ricoh devices support network user authentication to limit access to authorized users. Their authentication verifies a user’s identity at the multifunction printer by comparing login credentials (username and password) against the database of authorized users on the network server.
Layer Three: Embedded Applications
Ricoh devices offer features that are tested, compatibility certified and digitally signed by Ricoh to ensure extensive protection to organizations. This can include authentication, secure print, encryption, and workflows.
Scanning documents in order to digitize them within a Document Management system, while easy to do, is a common point of security compromise. A simple way to reduce risk is through limiting who is authorized to scan. Fortunately Ricoh allows organizations to restrict who is allowed to scan sensitive data and how that data is managed through a variety of authentication options. These can include network logins, single sign-on via employee ID, and scan-to-email encryption.
Ricoh also offers functionality designed to eliminate unauthorized copying of hardcopy documents in order to prevent information leaks from malicious actors. The copy guard function prints and copies documents with special invisible patterns embedded across the background. If the printed or copied document is photocopied again, the embedded patterns will become visible on the copies.
Layer Four: Networks
Many end users don’t understand that because multifunction printers exchange critical information with computers and servers over networks, that data is at risk if left unprotected Ricoh products and technologies offer features that can help protect against unauthorized access via networks. Through tools such as encryption of network communications and print streams, network user authentication, and administrative countermeasures, such as closing network ports and proactive device management, your organization can eliminate your network as an entry point for cyber attacks.
Layer Five: Server Security
As an organization, you likely have existing policies and procedures to keep your data safe. Ricoh comes alongside your existing practices and helps further enhance them to continue to protect your organization. Through the segregation of administrative roles, you can ensure that no one user gets exclusive administrative rights to sensitive device data, and through division of responsibilities you can also ensure that all bases are covered.
An additional approach to take to server security is through investing in Cloud hosting for your organization. PiF’s Cloud partner, Amazon Web Services (AWS), is one of the largest providers of Cloud computing services in the world, with over 90% of Fortune 100 companies working with an AWS Partner. Many of PiF’s customers have moved to the AWS Cloud in recent years, with that number continuing to grow as organizations see the value of a secure, flexible Cloud infrastructure.
Unlike other Cloud providers who define a region as a single data center, AWS Regions consist of multiple Availability Zones consisting of discrete data centers with identical power, networking, and connectivity abilities, and each housed in separate facilities to ensure the Cloud is always secure. This means that even if one data center is compromised, your data is backed up to other data centers and still protected.
Layer Six: Services
Organizations that use and store medical information, financial information, personally identifiable information (PII) or other types of sensitive data may be subject to various regulatory requirements in order to keep consumers protected. Policies such as HIPAA, Gramm-Leach-Bliley, or the Family Education Rights and Privacy Act (FERPA), hold organizations to a high security and protection standard.
Whether your organization needs to adhere to outside compliance or demonstrate support of your own security policies, PiF Technologies and Ricoh can help. PiF is fully committed to the compliance and security of our customers’ data. We have developed internal procedures and programs to reinforce security, many of which directly impact how we protect our customer’s data. PiF meets the SOC 2 compliance standard for service organizations, developed by the American Institute of CPAs (AICPA). The standard is based on the following Trust Services Criteria: security, availability, processing integrity, confidentiality, and privacy.
Through adhering to these standards, we can ensure that our customers are always securely supported by us.
How to implement secure copiers and multi-function printers in your organization
With all the security considerations regarding copiers and printers, it can be overwhelming to know how to get started. Ricoh’s enhanced devices coupled with the knowledge from a dealer and service provider who can ensure you have the tools you need for a secure fleet is the perfect pairing. The best way to get started is to take inventory of your current devices, how you use them, and who uses them. You can then make smart decisions regarding what to invest in next and seek out a service provider (like PiF) that can help you identify the exact MFPs and configurations you need. We’ll even help you establish the security settings you need to ensure that your entire organization is well protected.