Information has never been so valuable or readily available than it’s today. With flexible working on the rise, enabled by more powerful mobile devices, the risks associated with office security, such as handling sensitive data also continues to increase.
For businesses, this means a constant battle between enabling employees to work efficiently while ensuring network security across a plethora of connected devices and locations.
The heart of most businesses is the office, where these devices and the people operating them intersect. While innovation is reshaping the face of the office environment, it remains the most permeable area of enterprise security.
With new endpoints entering the workplace every day, IT and security teams are constantly charged with ensuring security threats are minimised. But for many businesses, there are a host of devices in daily use that risk being overlooked.
With a burgeoning volume of smartphones, tablets and connected devices, sometimes the biggest threats come from the devices we take most for granted.
The combined efforts of the workforce and the technology in the office must act as the first line of defence when it comes to office security.
While the influx of new and advanced innovation in the workplace will continue to attract a lot of attention, phones left on trains, conversations held in public places and confidential documents left on printers will continue to challenge security teams everywhere.
After all, information takes many forms and people in many guises will always represent risk. Amidst the buzz around the Internet of Things (IoT), it’s easy to forget that connected printers and scanners form part of this growing ecosystem.
Nearly one in two (47%) managers of businesses across EMEA are aware of instances of documents going missing inside their organisation, while 46% are aware of employees losing documents outside their organisation [Office Insights 2018].
Clearly steps need to be taken if the office is to play a meaningful role in the defence against potential information security threats.
When printing documents that include sensitive information, for example, it’s essential that hard copies are accessed only when the sender can physically pick them up from the paper tray. Without this important measure, it’s possible for information to sit, unclaimed in the public domain.
While this may seem like an innocuous oversight, the biggest implication of poor data handling can be significant. The threat of regulatory fines and subsequent loss of business has the potential to cause ongoing damage to organisations. However, a workforce that is educated and aware of its responsibilities when it comes to data protection in all forms is the best mode of defence against potential issues.
Maintaining new and existing hardware can also represent security headaches, with older devices often overlooked.
Take the printer. Still used every day, connected to the corporate network and so often the recipient of some of an organisation’s most confidential information.
While the corporate network on which most enterprise printers run can address controls and security to an extent, many businesses fail to make this connection leaving such devices vulnerable.
The prevailing view is that a printer is just another piece of office equipment, a peripheral device. But today’s office-class devices are much more sophisticated, with embedded operating systems and support for cloud-enabled, integrated document solutions.
Companies must also remember that most devices have a hard drive in the same way a computer does. Ensuring that this data is encrypted and only accessed by those with the adequate permissions. Additionally, being discarded of responsibly, will further reduce the risk of unwanted breaches.
When it comes to office security, having robust policies and procedures in place is only half the battle. Businesses should ensure that they’re not falling at the first hurdle and overlooking the people and devices right in front of them.
The impending implementation of the EU’s new General Data Protection Regulation (GDPR) is a wake-up call and urgent reminder to businesses to review and re-consider all aspects of their office security.
There are simple steps businesses can take to ensure compliance. More importantly, organisations should be educating employees on their office’s security policies, as well as their individual role in helping keep sensitive data safe.