SlideShare a Scribd company logo

16 Things You Should be Doing to Secure Print and Documents

Nuance Communications
Nuance Communications

The document outlines 16 things organizations should do to secure prints and documents, including understanding exposure to printers, setting high security standards for printers as for servers, enabling all available security features, establishing an overall security framework, implementing 24/7 monitoring of connected devices, creating clear security policies, and properly onboarding and offboarding employee access.

1 of 24
Download to read offline
16 things you should be doing to secure print and documents
Shahid Shah CTO, Citus Health, Inc. Dan Lohrmann Chief Security Officer, Security Mentor, Inc. Scott Schober Cybersecurity Expert & Author of Hacked Again Stacy Leidwinger VP of Product – Imaging, Nuance Robert Stasio Managing Director, Dreamit Ventures Tyler Carbone COO, Terbium Labs Mark Gross Senior Principal Product Manager, Nuance
Hardware & Software Processes Data People
Understand the exposure “What is the one solution that everyone in your organization has access to and is accessed by many of your key business systems? It is your printer. Yet when it comes to data security, all too often it is the one area that is overlooked.” Stacy Leidwinger, VP of Product – Imaging, Nuance
Set higher standards “Hold printer and fax device manufacturers to the same level of scrutiny as computer servers. Print/fax have the same baseline security vulnerabilities but then they are more vulnerable because there are additional capabilities which other servers don’t have.” Shahid Shah, CTO at Citus Health, Inc.
Enable all security “Enable the security features that are available, including stronger Wi-Fi security settings. Follow best practices. Do an assessment of current configurations—know what you have in place now. Change default settings and passwords.” Dan Lohrmann, Chief Security Officer at Security Mentor, Inc.
Establish a security framework “Focus on hygiene (updates, best practices, etc.), implement the best defensive technologies you can, and set up within a risk management framework that minimizes damage if a breach occurs and ensures that operations can continue after it does.” Tyler Carbone, COO at Terbium Labs
Implement 24/7 monitoring “The best prevention mechanism with connected devices is monitoring. There are multiple vendors in the IoT space which can look at a network tap and monitor threats across all connected devices.” Robert Stasio, Managing Director at Dreamit Ventures
Hardware & Software Processes Data People
Create clear policies “Writing a clear internal policy is essential to print and document security. When printed documents are not removed from the outbound print tray, they need to have a short life before they need to be shredded.” Scott Schober, Cybersecurity Expert & Author of Hacked Again
Minimize vulnerabilities “Check workflows associated with the utilization of fax and printing—encourage their use when it makes sense but remove the steps from workflows where security is more important than convenience.” Shahid Shah, CTO at Citus Health, Inc.
Use tools that reduce risk “Obtaining signatures can add layers of documents as you need to print, scan, and email. These stages allow sensitive data to be at risk of being copied or intercepted. Utilize tools such as DocuSign to maintain security and minimize all the extra printing.” Scott Schober, Cybersecurity Expert & Author of Hacked Again
Automate processes “The best process is one that is automated. The more processes you can automate, the less security risk you will face and you will have an auto-generated audit trail for internal and external audits.” Stacy Leidwinger, VP of Product – Imaging, Nuance
Hardware & Software Processes Data People
Audit your data “Start implementing auditing of storage on print/ fax servers to see what data is being left on those devices that could potentially be exploited.” Shahid Shah, CTO at Citus Health, Inc.
Go digital “A significant amount of print is created simply to access a single piece of information within a larger dataset, after which the entire printout is discarded. Converting back-office print to electronic delivery gives the user access to the information without the risk of ink on paper or the waste of resources.” Mark Gross, Senior Principal Product Manager, Nuance
Add intelligence “By adding intelligence and rules you can ensure that private information is never even inked on the page. Data security starts with ensuring that only the information allowed to be printed for viewing is printed.” Stacy Leidwinger, VP of Product – Imaging, Nuance
Hardware & Software Processes Data People
Train and raise awareness “Microsoft Excel and Microsoft Word are two of the most commonly used business programs, yet many users do not utilize the password protection feature to restrict unauthorized users from opening and/or modifying the document.” Scott Schober, Cybersecurity Expert & Author of Hacked Again
Respect user experiences “Convenience drives compliance. When enforcing print security measures, you need to make it seamless for your workers so they will not look for ways to bypass the security you have in place.” Stacy Leidwinger, VP of Product – Imaging, Nuance
Actively review activity “Companies implement print and scan management software which capture audit logs and reports of user activity, but then fail to review the logs for suspicious activity (e.g. significant printing after-hours). Regular reviews can identify security issues earlier.” Mark Gross, Senior Principal Product Manager, Nuance
On and offboard access “A critical step many companies overlook is to ensure when an employee leaves, retires, or is terminated, their access to the network is revoked so they cannot download any sensitive documents.” Scott Schober, Cybersecurity Expert & Author of Hacked Again
1 Understand the exposure 2 Set higher standards 3 Enable all security 4 Establish a security framework 5 Implement 24/7 monitoring 6 Create clear policies 7 Minimize vulnerabilities 8 Use tools that reduce risk 9 Automate processes 10 Audit your data 11 Go digital 12 Add intelligence 13 Train and raise awareness 14 Respect user experiences 15 Actively review activity 16 On and offboard access Ensure print and document security
Learn how to minimize your print security risks at nuance.com/DocumentsAreDangerous

Recommended

2019 Cybersecurity Predictions
2019 Cybersecurity Predictions2019 Cybersecurity Predictions
2019 Cybersecurity Predictions
Nuance Communications
 
Cyber Security College Workshop
Cyber Security College WorkshopCyber Security College Workshop
Cyber Security College Workshop
Rahul Nayan
 
Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019
PECB
 
Cyber security-report-2017
Cyber security-report-2017Cyber security-report-2017
Cyber security-report-2017
NRC
 
2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public SectorScott Geye
 
Cyber Security Threats and Data Breaches
Cyber Security Threats and Data BreachesCyber Security Threats and Data Breaches
Cyber Security Threats and Data Breaches
Bijay Senihang
 
The Future of Cyber Security
The Future of Cyber SecurityThe Future of Cyber Security
The Future of Cyber Security
Stephen Lahanas
 
Cybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurityCybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurity
sommerville-videos
 

Recommended

2019 Cybersecurity Predictions
2019 Cybersecurity Predictions2019 Cybersecurity Predictions
2019 Cybersecurity Predictions
Nuance Communications
 
Cyber Security College Workshop
Cyber Security College WorkshopCyber Security College Workshop
Cyber Security College Workshop
Rahul Nayan
 
Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019Top Cyber Threat Predictions for 2019
Top Cyber Threat Predictions for 2019
PECB
 
Cyber security-report-2017
Cyber security-report-2017Cyber security-report-2017
Cyber security-report-2017
NRC
 
2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public SectorScott Geye
 
Cyber Security Threats and Data Breaches
Cyber Security Threats and Data BreachesCyber Security Threats and Data Breaches
Cyber Security Threats and Data Breaches
Bijay Senihang
 
The Future of Cyber Security
The Future of Cyber SecurityThe Future of Cyber Security
The Future of Cyber Security
Stephen Lahanas
 
Cybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurityCybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurity
sommerville-videos
 
Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gaps
IBM Security
 
Extending CyberSecurity Beyond The Office Perimeter
Extending CyberSecurity Beyond The Office PerimeterExtending CyberSecurity Beyond The Office Perimeter
Extending CyberSecurity Beyond The Office Perimeter
Veriato
 
What is cyber security
What is cyber securityWhat is cyber security
What is cyber security
SAHANAHK
 
What is Cyber Security - Avantika University
What is Cyber Security - Avantika UniversityWhat is Cyber Security - Avantika University
What is Cyber Security - Avantika University
Avantika University
 
Top 8 Cybersecurity Trends 2020
Top 8 Cybersecurity Trends 2020Top 8 Cybersecurity Trends 2020
Top 8 Cybersecurity Trends 2020
Shawn Nutley
 
CSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistCSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew Rosenquist
Matthew Rosenquist
 
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
Symantec
 
ACS Talk (Melbourne) - The future of security
ACS Talk (Melbourne) - The future of securityACS Talk (Melbourne) - The future of security
ACS Talk (Melbourne) - The future of security
siswarren
 
Enterprise Cyber Security 2016
Enterprise Cyber Security 2016Enterprise Cyber Security 2016
Enterprise Cyber Security 2016
Supply Chain Coalition
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
Krutarth Vasavada
 
NCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and ResourcesNCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and Resources
Stephen Cobb
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
rahulbhardwaj312501
 
Cyber security-in-india-present-status
Cyber security-in-india-present-statusCyber security-in-india-present-status
Cyber security-in-india-present-status
Rama Reddy
 
Outlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber SecurityOutlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber Security
Mastel Indonesia
 
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Knowledge Group
 
2017 Cybersecurity Predictions
2017 Cybersecurity Predictions2017 Cybersecurity Predictions
2017 Cybersecurity Predictions
PaloAltoNetworks
 
Introduction to the concept of it security
Introduction to the concept of it securityIntroduction to the concept of it security
Introduction to the concept of it security
RAVIKUMAR Digital Signal Processing
 
Cyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measuresCyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measures
CBIZ, Inc.
 
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Knowledge Group
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Illumeo
 
Kofax Document Security
Kofax Document Security Kofax Document Security
Kofax Document Security
Kofax
 
Mike Spaulding - Building an Application Security Program
Mike Spaulding - Building an Application Security ProgramMike Spaulding - Building an Application Security Program
Mike Spaulding - Building an Application Security Program
centralohioissa
 

More Related Content

What's hot

Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gaps
IBM Security
 
Extending CyberSecurity Beyond The Office Perimeter
Extending CyberSecurity Beyond The Office PerimeterExtending CyberSecurity Beyond The Office Perimeter
Extending CyberSecurity Beyond The Office Perimeter
Veriato
 
What is cyber security
What is cyber securityWhat is cyber security
What is cyber security
SAHANAHK
 
What is Cyber Security - Avantika University
What is Cyber Security - Avantika UniversityWhat is Cyber Security - Avantika University
What is Cyber Security - Avantika University
Avantika University
 
Top 8 Cybersecurity Trends 2020
Top 8 Cybersecurity Trends 2020Top 8 Cybersecurity Trends 2020
Top 8 Cybersecurity Trends 2020
Shawn Nutley
 
CSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistCSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew Rosenquist
Matthew Rosenquist
 
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
Symantec
 
ACS Talk (Melbourne) - The future of security
ACS Talk (Melbourne) - The future of securityACS Talk (Melbourne) - The future of security
ACS Talk (Melbourne) - The future of security
siswarren
 
Enterprise Cyber Security 2016
Enterprise Cyber Security 2016Enterprise Cyber Security 2016
Enterprise Cyber Security 2016
Supply Chain Coalition
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
Krutarth Vasavada
 
NCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and ResourcesNCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and Resources
Stephen Cobb
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
rahulbhardwaj312501
 
Cyber security-in-india-present-status
Cyber security-in-india-present-statusCyber security-in-india-present-status
Cyber security-in-india-present-status
Rama Reddy
 
Outlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber SecurityOutlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber Security
Mastel Indonesia
 
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Knowledge Group
 
2017 Cybersecurity Predictions
2017 Cybersecurity Predictions2017 Cybersecurity Predictions
2017 Cybersecurity Predictions
PaloAltoNetworks
 
Introduction to the concept of it security
Introduction to the concept of it securityIntroduction to the concept of it security
Introduction to the concept of it security
RAVIKUMAR Digital Signal Processing
 
Cyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measuresCyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measures
CBIZ, Inc.
 
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Knowledge Group
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Illumeo
 

What's hot (20)

Breaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gapsBreaking down the cyber security framework closing critical it security gaps
Breaking down the cyber security framework closing critical it security gaps
 
Extending CyberSecurity Beyond The Office Perimeter
Extending CyberSecurity Beyond The Office PerimeterExtending CyberSecurity Beyond The Office Perimeter
Extending CyberSecurity Beyond The Office Perimeter
 
What is cyber security
What is cyber securityWhat is cyber security
What is cyber security
 
What is Cyber Security - Avantika University
What is Cyber Security - Avantika UniversityWhat is Cyber Security - Avantika University
What is Cyber Security - Avantika University
 
Top 8 Cybersecurity Trends 2020
Top 8 Cybersecurity Trends 2020Top 8 Cybersecurity Trends 2020
Top 8 Cybersecurity Trends 2020
 
CSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew RosenquistCSE 2016 Future of Cyber Security by Matthew Rosenquist
CSE 2016 Future of Cyber Security by Matthew Rosenquist
 
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
 
ACS Talk (Melbourne) - The future of security
ACS Talk (Melbourne) - The future of securityACS Talk (Melbourne) - The future of security
ACS Talk (Melbourne) - The future of security
 
Enterprise Cyber Security 2016
Enterprise Cyber Security 2016Enterprise Cyber Security 2016
Enterprise Cyber Security 2016
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
NCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and ResourcesNCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and Resources
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cyber security-in-india-present-status
Cyber security-in-india-present-statusCyber security-in-india-present-status
Cyber security-in-india-present-status
 
Outlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber SecurityOutlook Briefing 2016: Cyber Security
Outlook Briefing 2016: Cyber Security
 
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
Joint Presentation - Part 1: The Future Evolution of E-Banking & Cyber Securi...
 
2017 Cybersecurity Predictions
2017 Cybersecurity Predictions2017 Cybersecurity Predictions
2017 Cybersecurity Predictions
 
Introduction to the concept of it security
Introduction to the concept of it securityIntroduction to the concept of it security
Introduction to the concept of it security
 
Cyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measuresCyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measures
 
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
Cyber Security Landscape and Systems Resiliency – Challenges & Priorities - T...
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 

Similar to 16 Things You Should be Doing to Secure Print and Documents

Kofax Document Security
Kofax Document Security Kofax Document Security
Kofax Document Security
Kofax
 
Mike Spaulding - Building an Application Security Program
Mike Spaulding - Building an Application Security ProgramMike Spaulding - Building an Application Security Program
Mike Spaulding - Building an Application Security Program
centralohioissa
 
Building an AppSec Team Extended Cut
Building an AppSec Team Extended CutBuilding an AppSec Team Extended Cut
Building an AppSec Team Extended CutMike Spaulding
 
Close the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote WorkforceClose the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote Workforce
jlieberman07
 
Security engineering 101 when good design & security work together
Security engineering 101 when good design & security work togetherSecurity engineering 101 when good design & security work together
Security engineering 101 when good design & security work together
Wendy Knox Everette
 
Foxtrot Division Capabilities Collection
Foxtrot Division Capabilities Collection Foxtrot Division Capabilities Collection
Foxtrot Division Capabilities Collection
Jeff Hunter
 
Data security in practice
Data security in practiceData security in practice
Data security in practice
Andres Kütt
 
Why security is the kidney not the tail of the dog v3
Why security is the kidney not the tail of the dog v3Why security is the kidney not the tail of the dog v3
Why security is the kidney not the tail of the dog v3
Ernest Staats
 
Many products-no-security (1)
Many products-no-security (1)Many products-no-security (1)
Many products-no-security (1)
SecPod Technologies
 
Cognitive Computing in Security with AI
Cognitive Computing in Security with AI Cognitive Computing in Security with AI
Cognitive Computing in Security with AI
JoAnna Cheshire
 
Windows Active Directory Security with IS Decisions
Windows Active Directory Security with IS DecisionsWindows Active Directory Security with IS Decisions
Windows Active Directory Security with IS Decisions
IS Decisions
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019
Ulf Mattsson
 
Complete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resourcesComplete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resources
IJNSA Journal
 
Integrating DevOps and Security
Integrating DevOps and SecurityIntegrating DevOps and Security
Integrating DevOps and Security
Stijn Muylle
 
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCESCOMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
IJNSA Journal
 
How to develop an AppSec culture in your project
How to develop an AppSec culture in your project How to develop an AppSec culture in your project
How to develop an AppSec culture in your project
99X Technology
 
Building an AppSec Culture
Building an AppSec Culture Building an AppSec Culture
Building an AppSec Culture
Nirosh Jayaratnam
 
Five Mistakes of Vulnerability Management
Five Mistakes of Vulnerability ManagementFive Mistakes of Vulnerability Management
Five Mistakes of Vulnerability Management
Anton Chuvakin
 
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Emrah Alpa, CISSP CEH CCSK
 
Asset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt LabsAsset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt Labs
RedhuntLabs2
 

Similar to 16 Things You Should be Doing to Secure Print and Documents (20)

Kofax Document Security
Kofax Document Security Kofax Document Security
Kofax Document Security
 
Mike Spaulding - Building an Application Security Program
Mike Spaulding - Building an Application Security ProgramMike Spaulding - Building an Application Security Program
Mike Spaulding - Building an Application Security Program
 
Building an AppSec Team Extended Cut
Building an AppSec Team Extended CutBuilding an AppSec Team Extended Cut
Building an AppSec Team Extended Cut
 
Close the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote WorkforceClose the Security Gaps of a Remote Workforce
Close the Security Gaps of a Remote Workforce
 
Security engineering 101 when good design & security work together
Security engineering 101 when good design & security work togetherSecurity engineering 101 when good design & security work together
Security engineering 101 when good design & security work together
 
Foxtrot Division Capabilities Collection
Foxtrot Division Capabilities Collection Foxtrot Division Capabilities Collection
Foxtrot Division Capabilities Collection
 
Data security in practice
Data security in practiceData security in practice
Data security in practice
 
Why security is the kidney not the tail of the dog v3
Why security is the kidney not the tail of the dog v3Why security is the kidney not the tail of the dog v3
Why security is the kidney not the tail of the dog v3
 
Many products-no-security (1)
Many products-no-security (1)Many products-no-security (1)
Many products-no-security (1)
 
Cognitive Computing in Security with AI
Cognitive Computing in Security with AI Cognitive Computing in Security with AI
Cognitive Computing in Security with AI
 
Windows Active Directory Security with IS Decisions
Windows Active Directory Security with IS DecisionsWindows Active Directory Security with IS Decisions
Windows Active Directory Security with IS Decisions
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019
 
Complete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resourcesComplete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resources
 
Integrating DevOps and Security
Integrating DevOps and SecurityIntegrating DevOps and Security
Integrating DevOps and Security
 
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCESCOMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
COMPLETE NETWORK SECURITY PROTECTION FOR SME’SWITHIN LIMITED RESOURCES
 
How to develop an AppSec culture in your project
How to develop an AppSec culture in your project How to develop an AppSec culture in your project
How to develop an AppSec culture in your project
 
Building an AppSec Culture
Building an AppSec Culture Building an AppSec Culture
Building an AppSec Culture
 
Five Mistakes of Vulnerability Management
Five Mistakes of Vulnerability ManagementFive Mistakes of Vulnerability Management
Five Mistakes of Vulnerability Management
 
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
 
Asset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt LabsAsset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt Labs
 

Recently uploaded

UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
Peter Spielvogel
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
UiPathCommunity
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
 

Recently uploaded (20)

UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 

16 Things You Should be Doing to Secure Print and Documents

  • 1. 16 things you should be doing to secure print and documents
  • 2. Shahid Shah CTO, Citus Health, Inc. Dan Lohrmann Chief Security Officer, Security Mentor, Inc. Scott Schober Cybersecurity Expert & Author of Hacked Again Stacy Leidwinger VP of Product – Imaging, Nuance Robert Stasio Managing Director, Dreamit Ventures Tyler Carbone COO, Terbium Labs Mark Gross Senior Principal Product Manager, Nuance
  • 4. Understand the exposure “What is the one solution that everyone in your organization has access to and is accessed by many of your key business systems? It is your printer. Yet when it comes to data security, all too often it is the one area that is overlooked.” Stacy Leidwinger, VP of Product – Imaging, Nuance
  • 5. Set higher standards “Hold printer and fax device manufacturers to the same level of scrutiny as computer servers. Print/fax have the same baseline security vulnerabilities but then they are more vulnerable because there are additional capabilities which other servers don’t have.” Shahid Shah, CTO at Citus Health, Inc.
  • 6. Enable all security “Enable the security features that are available, including stronger Wi-Fi security settings. Follow best practices. Do an assessment of current configurations—know what you have in place now. Change default settings and passwords.” Dan Lohrmann, Chief Security Officer at Security Mentor, Inc.
  • 7. Establish a security framework “Focus on hygiene (updates, best practices, etc.), implement the best defensive technologies you can, and set up within a risk management framework that minimizes damage if a breach occurs and ensures that operations can continue after it does.” Tyler Carbone, COO at Terbium Labs
  • 8. Implement 24/7 monitoring “The best prevention mechanism with connected devices is monitoring. There are multiple vendors in the IoT space which can look at a network tap and monitor threats across all connected devices.” Robert Stasio, Managing Director at Dreamit Ventures
  • 10. Create clear policies “Writing a clear internal policy is essential to print and document security. When printed documents are not removed from the outbound print tray, they need to have a short life before they need to be shredded.” Scott Schober, Cybersecurity Expert & Author of Hacked Again
  • 11. Minimize vulnerabilities “Check workflows associated with the utilization of fax and printing—encourage their use when it makes sense but remove the steps from workflows where security is more important than convenience.” Shahid Shah, CTO at Citus Health, Inc.
  • 12. Use tools that reduce risk “Obtaining signatures can add layers of documents as you need to print, scan, and email. These stages allow sensitive data to be at risk of being copied or intercepted. Utilize tools such as DocuSign to maintain security and minimize all the extra printing.” Scott Schober, Cybersecurity Expert & Author of Hacked Again
  • 13. Automate processes “The best process is one that is automated. The more processes you can automate, the less security risk you will face and you will have an auto-generated audit trail for internal and external audits.” Stacy Leidwinger, VP of Product – Imaging, Nuance
  • 15. Audit your data “Start implementing auditing of storage on print/ fax servers to see what data is being left on those devices that could potentially be exploited.” Shahid Shah, CTO at Citus Health, Inc.
  • 16. Go digital “A significant amount of print is created simply to access a single piece of information within a larger dataset, after which the entire printout is discarded. Converting back-office print to electronic delivery gives the user access to the information without the risk of ink on paper or the waste of resources.” Mark Gross, Senior Principal Product Manager, Nuance
  • 17. Add intelligence “By adding intelligence and rules you can ensure that private information is never even inked on the page. Data security starts with ensuring that only the information allowed to be printed for viewing is printed.” Stacy Leidwinger, VP of Product – Imaging, Nuance
  • 19. Train and raise awareness “Microsoft Excel and Microsoft Word are two of the most commonly used business programs, yet many users do not utilize the password protection feature to restrict unauthorized users from opening and/or modifying the document.” Scott Schober, Cybersecurity Expert & Author of Hacked Again
  • 20. Respect user experiences “Convenience drives compliance. When enforcing print security measures, you need to make it seamless for your workers so they will not look for ways to bypass the security you have in place.” Stacy Leidwinger, VP of Product – Imaging, Nuance
  • 21. Actively review activity “Companies implement print and scan management software which capture audit logs and reports of user activity, but then fail to review the logs for suspicious activity (e.g. significant printing after-hours). Regular reviews can identify security issues earlier.” Mark Gross, Senior Principal Product Manager, Nuance
  • 22. On and offboard access “A critical step many companies overlook is to ensure when an employee leaves, retires, or is terminated, their access to the network is revoked so they cannot download any sensitive documents.” Scott Schober, Cybersecurity Expert & Author of Hacked Again
  • 23. 1 Understand the exposure 2 Set higher standards 3 Enable all security 4 Establish a security framework 5 Implement 24/7 monitoring 6 Create clear policies 7 Minimize vulnerabilities 8 Use tools that reduce risk 9 Automate processes 10 Audit your data 11 Go digital 12 Add intelligence 13 Train and raise awareness 14 Respect user experiences 15 Actively review activity 16 On and offboard access Ensure print and document security
  • 24. Learn how to minimize your print security risks at nuance.com/DocumentsAreDangerous