Calling Out the Blind Spots in a Work-From-Home World

The great work-from-home (WFH) wave thrust upon us by the global pandemic is here to stay. Now is the time to bring security and normalcy to the varieties of improvised solutions companies have scrambled to create. You’ve probably been resourceful in your deployment, but you may have unwittingly invited vulnerabilities that could be costly to your bottom line and your reputation. Typical work-from-home setups give employees everything they need to do their job: laptops, phones and workflow and print management software. But with office printers left abandoned, employees have little recourse other than to use their personal printers. Some may have plugged in their own devices, creating a direct line within your organizations’ network and exposing it to security vulnerabilities. These blind spots are opportunities for hackers and can cost businesses an average $200,000 per incident, resulting in 60% percent of breached organizations going out of business within six months of an attack. (Hiscox) The mere act of printing on an unmanaged device may seem small, but hackers count on you to overlook this vulnerability.

All 50 states, plus the District of Columbia, have adopted some type of data breach notification rule, and many have implemented or are considering implementing additional privacy and/or heightened data security laws. Accordingly, incidents can result in regulatory fines, greater regulatory scrutiny, substantial notification costs, and loss of customer trust. Unless properly managed, the damage could exponentially grow and harm your company’s reputation and brand value. And the story gets even worse if your organization is a regulated entity, which is subject to heightened regulatory requirements.

You may have noticed a decrease in printing activity on in-office devices, yet printing is still happening from the homes of your employees via unmanaged devices. If this applies to your organization, understand you are exposing your organization to the potential of damaging cyber threats. Remote work solutions that allow for a quick, seamless, secure, and cost-efficient transition between office and home work environments will be essential for you to thrive. Both environments need printers attached to the network, and you need to be prepared to provide the right equipment and education to maintain the security of your business. Start by educating your employees on the security and legal dangers of tethering devices in homes, and also plan for some of the technical aspects you’ll need in place to deliver a solution.

Business owners should be aware of three main blind spots when printing from home:

1. NETWORK SECURITY RISKS

Connecting unmanaged devices to an organization creates a direct line to their network. Printers can be accessed by a variety of people and are capable of storing data on their hard drives, creating an access point to sensitive information. When a user plugs in a personal device, they can’t be sure
what is contained on the hard drive or whether a virus or malware has been introduced. When a printer/scanner is connected to the wireless network of the home owner, they may be creating additional risk. Connecting a device to the Wi-Fi makes it easy for someone to breach and gain access to the
printer and any stored documents if firmware or settings are weak. Newer printers/scanners come standard with remote firmware, advanced security, and a hard drive that can be wiped clean of existing data. Some even provide enhanced features such as Encrypt Data at Rest or the ability to send threat notifications to event management (SIEM) tools. But even the newer models can pose risks if they are unmanaged. The firmware and software on personal devices are less likely to be updated on a regular schedule than company devices. Unless organizations provide their own company issued machines, maintaining control over which devices are used and how often they are updated will be nearly impossible.

2. RISKS ASSOCIATED WITH IMPROPER DOCUMENT DESTRUCTION & DISPOSAL

All companies have information that they want to keep secure from others. Accordingly, employees who work with or have access to a company’s intellectual property, privacy and data protected information, and/or information the company has received under a contractual non-disclosure agreement are expected to properly store and dispose of confidential information. Especially for these employees, printing from home can be a vector for data breaches that can lead to legal, financial, and reputational risk. Limit hard copy storage; it should be scanned and saved in a secure network environment. To the extent that confidential hard copy materials are printed, organizations should think about requiring their employees to retain all confidential documents in secure (locked) locations in their homes, such as a locked cabinet or drawer until they are able to return to the office to place them in a secure shred bin.
Additionally, when hard copies are no longer needed, employees should not discard the printed materials in their ordinary trash, as they could be picked up by outside parties. Instead, using document shredders to destroy any sensitive information is crucial. Many professionals writing on this topic  recommend that their shredder cut the documents into vertical and horizontal confetti-like pieces (cross-cut shredding).

3. COST CONTAINMENT

Consider how difficult it could be to manage the toner and supply costs for an unmanaged device. Employees commonly put expenses on the company card or seek reimbursement. These costs can be easily overlooked by the organization, but accrue substantial expenses over time. Additionally, the cost of ink and toner for your standard in-home inkjet printers is much more expensive than that of your standard in-office laser printers, making it difficult for organizations to budget and control the costs of printing. You should also consider how many small devices don’t have the luxuries, like scanning, that come with your typical office machine, which could create a need for further expenses in the form of a table top scanner. Organizations that provide company-issued printer/scanners will have stronger control over all of these factors, and be able to monitor costs in a much more transparent way.

HOW TO DEPLOY A SECURE MPS PROGRAM IN A PRINT-FROM-HOME WORK ENVIRONMENT

Smaller home office printer/scanners and proper document disposal equipment can be implemented, as well as print monitoring devices that will help you to monitor and manage ongoing printing costs. There are two ways to monitor usage on volume and consumables; via DCA (Data Collection Agent) and via email notification.

DCA REMOTE MONITORING SOLUTION - A DCA connects directly to the employees’ computer at their remote location. This allows for the monitoring of the home office printer.
There are two ways to install a DCA:
1. It may be installed onb a corporate server, so when the user connects to VPN, they are connecting to the server
2. The DCA may be installed on a Raspberry Pi, which is a small, credit-card sized monitoring device

EMAIL NOTIFICATIONS SOLUTION

You can be notified of supply and end-of-life alerts by email in your printer settings. You can also receive notifications for meter readings and service alerts. Counter information managed by the printer can be sent to a registered destination email address. The above notification capability is
dependent on the manufacturer model selectable alerts for toner cartridge, imaging unit, maintenance kit and counters. The supplies low notification is alert based. This means the moment the level drops under a predefined registered level the notification is sent to the registered destination email.
The counter information is schedule based. This means a specific notification schedule, daily, weekly, or monthly, can be registered to send the notification to the registered destination email.

Prerequisites for the e-Mail notification solution to work include:

  • The manufacturer model must be equipped with the supplies low and counter notification features
  • The supplies low notification is event-driven, meaning the notification is triggered only once when the toner or ink level drops under the level set to report the supplies low level
  • The supplies low and counter notification must be configured on each printer

Work from home is here to stay, so consider how you can help your employees do so in a way that helps them capitalize on all the benefits of a remote work scenario, while protecting the organization from data vulnerabilities. A secure print from home solution is a crucial aspect of your business
continuity plan.

Want to learn more? Contact WJ Office at 828.264.3283 or email info@wjoffice.com