Mobility in the Security-Conscious Office

Mobility in the office is much more than simply a BYOD (Bring Your Own Device) phenomenon. The pervasive nature of mobile computing fueled by the rising use of tablets, smartphones, and cloud-based content has transformed today’s office environment. Mobilization of the workforce is now in full swing, and organizations are investing in mobile technologies and cloud-based solutions to drive worker productivity.

At the same time, content security has become a chief concern for every organization. While users demand 24/7 access to information, there is an obvious need to balance the convenience that comes from the mobilized office with the need for securing data and protecting content integrity.

Due to potential security issues, mobile technology often gets a bad rap. It is, however, one of many elements enabling the shift to the digital office, which today has less to do with migrating to a paperless environment and more to do with information accessibility. Businesses are generating and consuming massive amounts of content, both in electronic and hard copy form. Ensuring access to that information so that employees can work when and where they want is a growing challenge that is putting increased pressure on organizational security.

The MFP has become a productivity asset for mobile knowledge workers, but organizations are often unaware of the security risks that come along with this advanced functionality. IDC says that by the end of 2015, only 15 percent of large organizations will have adequate mobile security governance for process and policy1.

Today’s smart MFPs have basically become both an on-ramp and off-ramp to the network. Documents can now be scanned directly to email, to the server, or to a cloud-based application. Advanced mobile printing features enable office workers to easily print from their mobile devices. Automated workflow solutions allow users to scan documents directly into front- and back-office systems. Users are even able to utilize their own tablet or other mobile device as a personal interface for the MFP itself, which further enables mobile document workflow.

When it comes to mobile security strategies, the focus tends to be on preventing hackers from entering the corporate network through an employee’s tablet or smartphone. Nevertheless, the security threat posed by mobile technology integration goes well beyond the need to manage devices as a network end point. Exposure of critical business data is a growing concern that businesses must manage closely as the trend toward mobilizing the workforce continues.

This is particularly true when it comes to the document infrastructure. Today, there is a wide variety of solutions available to address specific problems associated with managing content security.

Orphaned Print Jobs

Mobile print solutions allow users to print from anywhere, at any time, and retrieve documents when and where they are needed. This functionality frees the user from reliance on a single output device, but it also increases the threat posed from orphaned print jobs: those files that are sent to the device and printed only to be left unattended in the output tray or perhaps never retrieved. Left in the open, these printed documents potentially place sensitive corporate information in the hands of the wrong individual, which means that vital information could be leaked outside of the organization. This is a significant security risk considering that users could be printing sensitive financial material, trade secrets, or even data from private employee records.

Secure printing technologies, such as pull printing and follow-me printing, provide an added layer of security in the document environment by holding print jobs, even those that originate from mobile devices, until they are released at the network device. Rather than sending print jobs to specific printers or MFPs, files are routed to a secure server that could reside on premise or in the cloud. Employees can then retrieve output at their convenience simply by logging in and releasing the print job from any supported device. Users are required to authenticate themselves at the MFP by swiping an ID card or entering a personal identification number (PIN) before the print job is released, which strengthens content security and virtually eliminates the threat posed from orphaned print jobs.

Scan Data Leakage

Scan-to-email is a common feature that is used widely in many corporate environments. Most organizations use scan-to-email for distribution of paper-based information to individuals both inside and outside the company. While it may not be intended or malicious, your employees could be sending confidential information to outsiders, perhaps competitors, and this may be harder to monitor in a mobile and BYOD environment.

Data leakage from scanned documents can be controlled by leveraging document capture and workflow solutions integrated at the smart MFP, allowing for control within the organization regardless of the source. Some solutions allow IT managers to place content filters within the scan-to-email application that restrict user access to various documents based on specified criteria. For example, content filters could search for terms such as “confidential” or “non-disclosure.” The solution can be programmed to take any number of actions once the string is identified, including automatic encryption prior to sending, or perhaps quarantine the file completely.

Digital Rights Management

The flexibility and immediacy provided by mobile technologies and digital content has made it simple for knowledge workers to capture and distribute information. Document encryption is one of the most essential and recognizable ways for businesses to protect documents sent as email attachments. While document encryption can protect content while it is on the way to the recipient, that protection usually stops once the document has been opened. The threat is significant, but for many organizations it remains unmeasured. It is risky to assume that content is being used solely by the individuals for whom it was originally intended.

Organizations should look to integrate Digital Rights Management (DRM) solutions at the MFP to protect content and further manage how information is accessed, stored, and shared in the cloud. With DRM technologies, the document owner or corporate IT department can manage permissions to open, view, download, print, copy, paste, or forward content directly from within the document itself, even if it has been downloaded by a user or device not under the company’s control. Embedding these security controls within the document helps to ensure that sensitive corporate information does not fall into the wrong hands.

Mobility is not going away. Sales of mobile business and productivity apps continue to rise. According to a study from IDC, by 2017 IT organizations will dedicate at least 25 percent of their software budget to mobile application development, deployment, and management1. It is critical to understand and adapt to these changes, and use the tools and technologies available to ensure that the mobile office is also a secure one.

1 IDC FutureScape: Worldwide Mobile Enterprise Applications and Solutions 2015 Predictions

 

Back to blog index   |    Back to main page