May 8th, 2013
We’ve all heard the news stories about massive data breaches that result in personal information being stolen from tens, even hundreds of thousands of customer accounts. These days it seems such reports have become all too commonplace.
But unless you’ve been victimized personally by such a malicious infiltration, or you’re the CTO of a company that failed to adequately safeguard its customers’ private information, much of the media’s buzz regarding cyber security likely triggers little more than a “glad it’s not me” attitude.
However, while many of the companies that grace the news with such ignominious headlines can afford to overcome their mishaps in terms of both bottom-line damage and negative PR, small businesses could find themselves in dire straits as the result of insufficient data-protection policies and/or procedures.
As reported by Info Security Magazine, a study conducted by the Poneman Institute (an independent researcher of data protection and emerging data security technologies) shows the extent to which a single malicious breach impacts an organization’s balance sheet. Using data compiled in 2012 through the polling of 3,529 IT and IT security professionals in eight countries (the US, Canada, the UK, Australia, Brazil, Japan, Singapore, and the UAE), Poneman’s findings conclude that on average, a single malicious data breach cost each affected organization $840,000 in overall impact—a significant chunk of change for most small businesses.
What’s being done to address the ever-present threat of data infiltration? Cyber security technology provider McAfee is on the bleeding edge of the industry’s efforts to thwart not only the criminals who continuously pursue network security flaws, but also the company employees who unwittingly open the door to such malicious activities.
Security experts from McAfee and Xerox teamed-up to produce a timely and extremely informative webcast, “SMB Security Guide for Innovating in Today’s Ever-Changing Technology Ecosystem,” which is now available for online viewing by anyone who wants to ensure they’re doing everything they can to protect their own and/or their customers sensitive information.
As you know by now, whether you’re an IT professional with a large enterprise or the owner of a small business, data protection is something few can afford to ignore.
February 5th, 2013
A CDW study published in October 2012 finds that, “small businesses get a competitive lift from their employees’ use of
mobile devices and that employees mostly deliver it by bringing their own smartphones, tablets and even laptops to their jobs, with small business IT managers working to catch up.”
Bring Your Own Device, or BYOD as it’s known, is a logical evolutionary step in the ‘consumerization of IT’ process, which we’ve seen gain substantial momentum since the PC revolution of the mid-to-late 1990s allowed companies to begin providing desktop workstations for their employees.
According to a recent ZDNet article, “Consumerization of IT, BYOD and mobile device management,” which discusses BYOD in terms of enterprises but which also is relevant to small businesses, the percentage of enterprises that support BYOD increased from 72 to 76 percent between 2011 and 2012.
But what are those companies doing to ensure data security?
As stated in the ZDNet piece, “Consumerization of IT is not going away, so enterprise IT managers cannot simply bury their heads in the sand. The challenge is to accommodate the ‘work anywhere, anytime’ productivity and user satisfaction benefits that consumerization and BYOD can bring, while retaining enough control to keep company data secure and compliance requirements satisfied.”
And according to the CDW study, their survey found that the current downside to BYOD is that “Just half of small business IT managers believe their company has an effective strategy to manage mobile devices.”
I encourage you to read the CDW and ZDNet pieces to which I’ve linked from this post, and keep checking the Office Solutions blog for future updates on the ways in which Xerox helps small businesses evolve in tandem with the latest workplace technology trends and developments.
January 30th, 2013
For small business owners, “It’s getting to a point where it’s very difficult to ignore technology,” said analyst Laurie McCabe, co-founder and partner of the SMB Group, a market research firm.
While that statement might seem obvious, it’s also true that what sometimes feels like an overwhelming barrage of technology-related marketing and sales calls can cause many small-business owners to tune out and ignore the real benefits provided by the right office solutions.
The article that quotes Ms. McCabe was published on the SmallBusinessComputing.com website. The piece, “Small Business IT Trends to Watch in 2013,” goes on to cover some of the small-business technology trends McCabe suggests will be embraced by the most successful small businesses.
The article lists, and expands upon, the following suggested areas of focus from McCabe’s “SMB technology market predictions for 2013” blog article:
- Social Media
- Big Data
- The Cloud
- Data Protection
Over the next few weeks I’ll be covering these and other technology trends I believe should be understood and/or deployed by small business as part of their strategy for success in 2013 and beyond.
In the meantime I’d love to hear your thoughts about social media marketing, Big Data, The Cloud, data protection or any other suggested points of focus related to day-to-day small-business operations.
October 1st, 2012
IT departments, big and small, are challenged every day on multiple fronts. They wear a number of different hats from security guard for their network to environmentalist trying to keep their companies’ carbon footprint to a minimum. All while trying to contain or reduce costs in their department. IT professionals are similar to the one-man-band I wrote about a few weeks back on multifunction printers.
Recently InfoTrends, a leader in worldwide market research published a whitepaper on the challenges of the IT professional. In it they refer to information security, cost savings and sustainability as some of the top challenges. These economic times have put a lot of pressure on IT departments to reduce cost without sacrificing productivity. This whitepaper encourages companies looking to meet these demands to consider Xerox Solid Ink multifunction printers (MFPs).
Check it out and let us know what you think and if there are other concerns that could be addressed by solid ink technology.
April 5th, 2012
Whether you are a small business or a large enterprise considering a multifunction printer (MFP), the purchase conversation often turns to affordability, functionality, image quality, even sustainability. All critical features for sure, but one that can often be overlooked is MFP security. And while security elements may not be touted like color quality, or low ink prices or printer speed, they can be equally, if not more important.
We introduced the ColorQube 8700 and ColorQube 8900 color multifunction printers earlier this week, and quite simply, they were built with security top of mind. With more than 50,000 new security threats emerging each day, offering the highest level of protection to our customers isn’t just nice-to-do, it’s a requirement. The MFPs come equipped with world-class security features like secure print, password protection, common access card readers and encryption software. And they cover four major aspects of security – the document, MFP, access control, and network. Specifically:
- User Permissions improvements that provide the most network-friendly authentication and authorization capabilities from any manufacturer. In this iteration, authentication is based on role, either pre-defined or custom as specified by the customer. For example, a user’s permission to print can be controlled, and of course tracked and audited, making regulatory compliance with Health Insurance Portability and Accountability Act a snap.
- For scanning to email, SMTP over SSL is now available to protect the mail transport channel. For network scanning, PDF files can be password protected. Optical Character Recognition software comes standard on the high speed model.
- A new software verification feature provides the ability to remotely ensure the integrity of the multifunction printer’s installed software.
Of particular interest in government settings:
- Within a Common Access Card (CAC) environment, encrypted email can be sent to others in the PKI that have entries in the public address book. Also new for both CAC and PIV is support for 144K cards, 2048-bit certificates and .P7B type certificates.
- Continued availability of Federal Information Processing Standard 140-2 validated crypto with upgraded minimum key lengths to meet new stricter National Institute of Standards and Technology requirements.
This laundry list of security features may not impact every customer. But increasingly, security concerns and features that minimize these risks are top of mind for businesses of all sizes, and we remain focused on staying one step ahead of vulnerabilities.
Do you have a question or need help with your MFP security? Let us know in the comments below.
February 17th, 2012
Doug Tallinger, Platform Planning Manager Xerox Global Development Group
When it comes to securing printers and multifunction printers (MFPs), Xerox has a long history and proven track record of innovation. I know first-hand as I’ve helped design and develop many of the security features in our products. We were the first to introduce Secure Print which allows you to print documents only after you type in a PIN at the front panel. And when our customers started asking for removable hard drives they could remove and replace daily, we introduced an additional mode of Image Overwrite which overwrites the print/copy/scan/fax data immediately after the job is completed. The philosophy of providing comprehensive security as part of our standard feature set remains today. We even have a dedicated web site with RSS feeds, assurance data and vulnerability patches when necessary.
Like most high-tech business tools, multifunction printers contain computers which make them a vulnerable entry point into an organization’s network and private databases. So earlier this week, Xerox announced we are teaming up with McAfee to extend the security protection profile of our products. This new level of protection will help us stay ahead of the new and sophisticated security threats emerging every day.
We want our solution to be easy for IT and our small business professionals and do not want to add the burden of additional daily tasks such as building new security profiles or running anti-virus updates. We’ve determined integrating McAfee software into Xerox technology along with white listing, whereby the MFP’s factory installed files are protected as part of an approved list, would be a perfect fit. In fact, any other file access – read, write, add, modify and execute – is considered malicious. Stated simply, ‘known is good, anything unknown is bad’. The solution will also be designed to automatically report security events to help our customers track and investigate potential issues. This extends security on multifunction printers to a whole new dimension which has typically only been present on devices such as ATMs.
I am excited to be a part of this new initiative that will ensure our MFPs are compliant endpoints that work within our customers’ extensive security policies. With the dizzying array of industry compliance regulations and new threats, it’s more important than ever to remain vigilant.
November 4th, 2011
I can still hear my mom yelling at me from the car, “Did you remember to lock the door”. As kids, you learned how to keep your homes safe and now you do the same for your office network. I’m sure you consider security for your computers, servers and networks, but do you consider your multifunction printers (MFPs)? Nowadays most MFPs have built-in processors and hard drives – pretty sophisticated pieces of equipment. Here are three things you should do with your MFP to keep your valuable data safe.
Change the locks
When buying a house the first rule of thumb is “change your locks”. You never know who has a set of keys. Most multifunction printers come with a factory set password that allows access to all the functions on the MFP. These default passwords are also listed in the user guides and those guides are posted on the Internet for anyone to see. Your office or IT Administrator should reset the factory password when they are setting up the product for the first time.
Keep your doors locked
You’d never leave your house without securing the doors. Restricting access to your MFP is another way to keep your data safe. To authorize use, you can set a password or even install a swipe card system ID badge to serve as the key to unlock the MFP. Or use a simpler scheme where a PIN has to be entered to retrieve documents sent to the MFP.
Don’t leave anything behind
When you move out of your house you take everything with you and recycle what you don’t need. MFP hard drives should be treated the same way. Hard drives are easily accessible and should be removed at the end of life. During normal operation, you should perform a wipe where all the data on the hard drive is digitally shredded. Never leave any data on the hard drive – especially personal or confidential information.
Keep your MFPs safe just like you do your home. You can read more on MFP security at www.xerox.com/security, share your tips or ask questions here.