01732 759725
16
strategy, if there are any plans for review in
light of GDPR, as well as priority areas for
organisations viewed as crucial to keeping
the print environment secure.
Just over half (59 per cent), of those
polled were aware of the implications
of GDPR for their organisation and
when asked if to date, their organisation
had conducted a personal data impact
assessment, only 34 per cent of
respondents said that this had been done.
With the implementation of GDPR
now less than a year away and with the
public sector continuing to shift towards
electronic delivery, this shows that there’s
still a lot of work to do in order to avoid
fines of
€
20m or four per cent of annual
turnover – whichever is greater – for the
most serious breaches.
Seven out of 10 organisations
surveyed believe they have a complete
overview of their current document and
print environment. Just six per cent of
participants said they were concerned their
current solution isn’t meeting user needs
and 73 per cent of those surveyed said
they felt prepared to meet their obligations
around document and print management.
Cost remains key concern
The majority – 82 per cent of respondents
said that they consider lowering costs to
be a key concern for their organisation
with regards their current print and
multifunctional device management
solutions, compared with just over half
(55 per cent) who cited security concerns
around access and data sharing. Other
issues included: boosting efficiency – 49
per cent, environmental considerations –
55 per cent, legislative issues – 23 per cent,
ensuring solution is easy to use and access
– 60 per cent, consistency in delivery – 35
per cent, and sustainability – 38 per cent.
Public sector coming up short
The print estate is just as important when it
comes to security as any other part of an IT
network. Yet, it is often unclear whose remit
and responsibility it is. As a result, many
organisations are guilty of unprotected
printing features or ensuring their print
devices are safeguarded from threats.
The survey results point to the fact that
public sector organisations are coming
up short when it comes to print security.
One-fifth of participants believe a lack of
a joined-up approach to managing the
multitude of solutions used, is impacting
on security, costs and environmental
considerations.
As mentioned above, over half have
security concerns around access and data
sharing when it comes to their current print
estate, yet only 44 per cent of respondents
actually have a printing security strategy
in place. 22 per cent said they plan to
introduce a printing security strategy in
the next six months and on quarter within
twelve months. Alarmingly, 32 per cent of
organisations have no plans to implement.
And, of those who do have a strategy,
a fifth of organisations have no plans to
review in line with upcoming legislative
changes, such as GDPR, which is a concern.
In fact, just a quarter of respondents plan
to take immediate action.
Another overlooked area when it comes
to data protection is a lack of focus on
securing printer and MFP hard drives. Just
16 per cent of the organisations polled
confirmed that they ensure the hard drive
is protected even if it is removed from the
core device. Just over a quarter (28 per
cent) protect themselves by ensuring the
hard drive is encrypted, and 38 per cent
utilise secure print release functionality,
so print can only be accessed via an
authorised user.
Cyber security challenge
Eddie Ginja, Head of Innovation at
KYOCERA Document Solutions UK said:
“Although cyber security is one of the
biggest challenges facing the public sector
today, printers and multifunctional devices
have traditionally been left at the bottom
of the queue when it comes to data
security strategies. Thankfully, only eight
per cent of organisations had experienced
a print-related security breach to date,
but this research confirms our fears that
print and document management is a
security weak spot when it comes to data
protection, which is deeply concerning
given that GDPR is imminent.”
Despite high profile warnings like the
incident in February this year which saw a
hacker hijack more than 150,000 printers
accidentally left accessible via the web, only
three-quarters (76 per cent) of public sector
organisations have a policy relating to the
use of USB/external hard drives, with just
40 per cent of the policies covering printing
via multifunctional devices. There was also a
lack of certainty around current legislation,
with 29 per cent unconfident about how
long documents should be kept for.
“Without adequate protection,
cyber attackers can easily gain access to
multifunctional devices and the data they
store, potentially then gaining access to
unencrypted data available across entire IT
networks, bypassing company firewalls in
the process,” Ginja said, adding: “Printing
and data go hand-in-hand – just think about
how much sensitive information is printed
or scanned at your organisation every day.
As the new fines draw closer, now is a great
time to analyse your print security.”
kyoceradocumentsolutions.co.uk
RESEARCH
Just over
half (59%),
of those
polled were
aware of the
implications
of GDPR
for their
organisation
...continued
