You may have smart-card access securing the physical entrance to your building, encrypted network login, and IP filtering to protect network access, but what are you doing to manage the information flowing in and out of your company’s scanners, copiers, and printers?
One of the biggest issues with multifunction devices (MFD) security is the scan-to-email function. By integrating directly via Exchange or Notes, a company will route emails through the MFD, but the log is recorded on the user's email account as if they had sent the email from their desktop.
Even more important is the fact that attachments recorded with the email log do not always come into play with MFD scan-to-email routed directly through the SMTP mail server.
This means, without integrating through Exchange or Notes, if confidential information gets leaked via a scan-to-email route, there’s no way of identifying the culprit.
The first step to limiting this security risk is to require authentication on all communication and scanning devices, thus making an audit trail that can be followed in the event of a hack. The process to do this is relativity simple. The network administrator just needs to set up a capture phase, a processing phase, and a route. The capture phase is the MFP or scanner, and the destination route can be the e-mail delivery system, FTP folder, desktop location, etc.
Administrators can set up all scanning workflows to follow a set procedure, such as:
- User authenticates at the device, instantly starting the audit trail.
- Scanning is carried out.
- Image is fed into an OCR application for conversion into a searchable text format. The searchable file is passed to a customized program that performs a security content filter/sweep looking for “hot” words, codes, names, etc.
- If no “hot” words are detected, the data continues on its way to its final destination.