Print Security About Print Security Areas of Concern - Data Security Copier Data Theft Who's at Risk Regulations and Compliance Print Security Solutions Contact Print Security

SocialTwist Tell-a-Friend

Any and every organisation that operates a digital multifunctional print or copier device contains a hard drive.

Compliance surrounding the Privacy Act, National Privacy Principles and the new NCCP laws presents a unique challenge and a continually moving target. Fines and sanctions have never been higher, and the public relation consequences are potentially devastating, particularly considering the breach notification requirements imposed by these regulations.

Most Australian government agencies and contractors
All private sector organisations with turnover in excess of $3 million dollars
All Businesses and organisations which trade in personal information, irrespective of turnover
All organisations that provide Health service such as hospitals, day surgeries,  doctors, pharmacists, psychologists, chiropractors and in some cases gyms
Credit providers such as Banks, Credit Unions, Underwriters, leasing companies
Organisations, agencies and in some cases individuals handling tax file numbers or credit card details

The list goes on and on, the fact of the matter is that nearly every organisation uses one or more of these devices and are vulnerable.

If data is not erased beyond recovery, data on printer and copier disk drives can leave the physical control of the owners and will often fall into the hands of others. Data can be recovered with little effort, from discarded, warranty repaired, or resold machines. There are many reports written on data recovered from discarded disk drives. Each year hundreds of thousands of hard disk drives are retired. Majority of these within copiers which find their way back into the market with data intact.

The cardinal rule of Hard Disk Drives has been to protect user data at all costs. Disk drives supply primary mass storage and are designed to prevent accidental erasure of data. Computers techniques such as "recycle" folders and "unerase” commands are common ways that operating systems try to prevent accidental sanitization of user data. Deletion of file pointers is standard to speed data writing, because actual overwriting of data is far slower. Drives use elaborate error detection and correction techniques to make sure that they don't return incorrect data.

All this means is that true data erasure is an abnormal event. The measures taken to protect and provide speedy access to data can make that data vulnerable to recovery by unauthorized persons.

Overall data storage security entails protection at different levels and locations:

Data at rest - drive data erasure Transparency to users (automatic encryption)
Secure erase of all data blocks on disk drives Drive internal encryption (data encrypted by storage device)
Single file erasure Access level dependent upon key or password used to decrypt data
Drive physical or magnetic destruction Drive physical or magnetic destruction
Data in motion - data encrypted during transport Drive data sanitisation
Protection of data and crypto keys during transport Secure erasure of user data for drive disposal or reuse

If you haven’t considered the threat of multi-functional peripherals in your overall data security planning, the time to do so is now!  Browse through our website for more detailed information on the unique security challenges posed by copiers, faxes, printers and scanners. 

To obtain information specific to your operation, or to schedule a consultation, please call us at 1300 PRINT 0.

Copyright 2010 - Print Security

Contact us | Disclaimer | Sitemap