Skip to main content

Print: The Forgotten Endpoint

Softcat advises how to ensure your printers are secure

Networking & security Print

Print security 01
Alex Lewis

Alexander Lewis

Cyber Assessment Services Technical Practice Lead

Security & is a Softcat blog series highlighting how security and other areas of IT work together to maximise an organisation’s infrastructure investment. Stopping by all Softcat’s solutions teams, this series offers advice that will enable you to develop a more cohesive infrastructure leading to a more complete security strategy.

Keeping up with the data protection times in print

With the advent of recent data protection laws (namely GDPR), many in networking and security have found themselves dusting off and revising their internal data protection policies. By its very nature these documents can be very complex, and part of my role is to help ensure these are as holistic as possible, covering all bases. Whilst I'm not going to attempt to cover off a history of Data Loss Prevention (DLP) policies in this blog, I want to highlight one endpoint that often is either forgotten, or an afterthought of DLP strategies. As part of Softcat's Security& series, we're going to be talking about Print.

Print: why is the security of print important to organisations?

For those of you who have been with us a while, you may remember back in 2017 a great blog from the head of Softcat's Managed Print Team, Rhys Lawson, also delving into the world of print. For anyone that didn't catch it, feel free to bring yourself up to speed here. Rhys does a fantastic job articulating one of the most overlooked aspects of print security, the device operating system itself. In this day and age of Internet of things, and more recently the 'Faxploit' vulnerability (more info here) this couldn't be more relevant. However, I'm not going to focus too much on this.

The data and the document

Rhys touches on two other points beyond print security; securing the data and securing the document. I'm going to elaborate more on this and I'll break them down into their respective areas to cover not just tech, but also how they stitch into a wider DLP policy remit.

  1. Securing the Data

    This point is all about making sure your users only print documents that don't present a risk of data exfiltration, essentially filtering the data before it hits the printer. With most modern DLP tools we can classify data based on a multitude of factors; ranging from who owns the data and where its being sent, to how it's being sent and environmental factors. Then you can risk score them. From this, setting thresholds let you ensure that a score above 'X' isn't allowed to print – print doesn't compute. From a policy perspective, we can ensure that a valid and discussed decision is reached to quantify risk thresholds, and by cementing this in policy we can ensure the business can articulate this.

  2. Securing the Document

    This one seems simple enough. Ensuring that once the document is printed, you don't have to keep your eye on it, it's fully within your control. The first port of call here is known as 'Follow-Me' Printing. Essentially this means that once a user presses print on their device, the job will sit in the job queue until you swipe your card/fob by the printer and wait for it to print. This removes that worry of "where did that document I swear I printed go?" Sensitive information is no longer sat in a printer output tray for anyone to read or remove. From a policy perspective, the business needs to ensure that staff have training so things such as card sharing doesn't occur, and again, that we have articulated and documented the processes to add in, report on, and manage users based on personnel turnover.

This is great, but my printing estate is a nightmare

Of course, this only works if you have full visibility of your printing estate. For anyone that's reading this and is still wrestling with understanding paper, ink and repair costs, device refreshes and trying to ensure their printing estate is as efficient and cost effective as possible, there are ways to improve this. Whilst helping you centralise and accurately understand your printing, you can save a huge amount on printing expenses.

Get in Touch

Softcat's Managed Print Team are regularly commended for helping customers improve their print strategy and reduce costs. So if you're struggling with your printing estate, or reading this has made you think about how you can integrate with your security strategy, please check out our Managed Print Service offering, get in touch with your account management team or send us a message using the button below.

About the author: Alexander Lewis is a leading Networking & Security Specialist at Softcat and has been working with Softcat’s customers for over two years. Alex’s previous work has seen him work in various IT-focused roles, but his passion for technology started young when he built his first PC at just 6 Years old. When not working with customers, Alex guides Softcat customers on security and networking strategy, regularly contributing to our blogs, webinars and training exercises.