Sharp Solutions Consultant talks Data Security, GDPR, and MFPs
With the digitisation of the workplace and the increasing use of devices which connect to the network and to each other, information can be easily stored, shared, and accessed by numerous people within the business - and externally, too. That’s good news for productivity, but it does mean that businesses need to make data security a high priority to make sure these new access points are safe from threats.
Security expert Gary Mellor, Senior Solutions Consultant for Sharp Business Systems UK, hosted a session on Data Security at our recent Inspire event all about security - changing technologies, security threats, GDPR - and what that means for today's businesses.
"Data security is now a global issue. We see and hear of high profile data breaches on a daily basis and all organisations face increasing challenges in securing their business from cybercrime, guarding against the breach of data as well and conforming to the impending GDPR regulations," begins Gary.
What is GDPR?
For those not yet familiar with GDPR, you need to be. GDPR (General Data Protection Regulation) will replace legislation from the 1995 EU Data Protection Directive on 25th May 2018, and is there to protect the security of personal data and bring it up to date with current, previously unforeseen ways that data is collected, stored, and used.
Gary explained: "All businesses of any size that hold personal data on an EU citizen must comply to the regulation. Managing or processing personal data in a secure way, strengthening the rights of individuals and reducing the risk of a loss of personal data are core to the new regulation.
"GDPR sees an increase in potential financial penalties for businesses that do not comply and especially where data breaches occur with fines of up to 20 million Euros or 4% of global annual turnover."
As you can see, the penalties for not complying with this new regulation can be a real threat to any business that hold personal data. But, what does hold mean, exactly?
"Copying, scanning or printing in GDPR terms are forms of “processing data” and as such fall within the regulation. All businesses should be reviewing how they use people’s personal data and where needed introduce policies and practices to ensure personal data is secure. This includes when working with personal data on a printing and scanning device," explained Gary.
Sharp's Multi-Layered Approach to Security
To keep your data safe, Sharp offers a multi-layered approach to security, focusing on Controlled User Access, Network and Document Security.
"Controlling access to the MFP device is important in order to overcome the threat of unwanted use of the equipment. Most MFPs are connected to the network and so can be hacked just like a PC. Sharp can provide a wealth of built-in access control options such as user authentication through an integration with LDAP, Active Directory & ID card reader support," said Gary.
And when it comes to document security: "Ensuring company data and personal data is secure and controlled is important for any organisation and again we can offer many built-in features," explains Gary. "Serverless Print Release, scanning as an Encrypted PDF, encrypted email and encrypting data whilst on the device to name but a few."
Sharp's Data Security Kit
"Sharp were the first MFP manufacturer to offer a Data Security Kit back in 2001” explained Gary, “and this security kit offered data encryption and the secure erase of data and was Common Criteria certified."
"Data encryption and secure erase is now included as a standard feature built within many models of the current range [of MFPs]. It simply needs enabling by your engineer."
Sharp's continues to focus on security, explains Gary: "Sharp has recently become the first MFP manufacturer to offer an Office based device that has been tested and certified against the government-designed stringent Hard Copy Device Protection Profile standard. This offers the ultimate level of security within the device, with many features disabled whilst enforcing and enabling many of the devices security capabilities."
Gary continued his security session detailing how you can secure your data through the MFP.
"Strengthening the security of the MFP as it sits on the network using the latest networking technologies will help reduce the risk of a loss of data and a security breach. Use encryption to protect data that is on the device and enable secure data erase functions. Or you could add the full Data security kit for any capable device."
Having visibility of who accessed your systems and when is important, too, explained Gary.
"Accountability and traceability are important within GDPR and we can help in this area through the inbuilt audit trail features on Sharp MFPs or by integrating with a central print management solution that will offer additional management and control of what is being printing, by who on which device. In some cases, specific GDPR-based print management features help enforce the consumer rights created by GDPR including “Right to Access” and “Right to be Forgotten”.
While just touching the tip of this digital-security iceberg, Gary concluded, and reminded, that security also applies to paperwork.
"Paper is inherently insecure—it is difficult to trace and easy to remove or misplace. We can integrate in a number of market leading document capture solutions and additionally provide electronic document management software that will help streamline the conversion of paper based documents and help secure, share and manage the electronic document."
If you'd like to find out more about security, GDPR and how our MFPs can work for your organisation, please Get In Touch.
European PR Manager