Sunday, August 24, 2008

MFP Insecurity Woes...

Company data is a sensitive thing - or at least should be. We try to ensure our clients' data is as safe as it can be, within reason, yet as usable as it can be - and unfortunately these two needs are often diametrically opposed, so we need to make some compromises on both fronts.

We ensure that we securely wipe client hard drives before handing them on - to the point of dismantling the drives and shattering the platters where sensitive personal or secure information is concerned. We lock down our networks with firewalls. We run antimalware applications. We limit administrator rights to desktops. We employ NTFS security on files and folders. Do we look at the information on MFPs (Multi-Function Printers) before we pass them on to others?

Apparently a number of companies don't. Dick Morrell, a well known UK security bod has done some testing of this himself with the results which can be found here.

A little thinking outside the square here, but as the people responsible for our clients' data (in many circumstances), we need to do that. We need to think ahead and think like security people not network people. Unfortunately, this is not something that comes naturally to a lot of people. It is something we all need to work on in the SMB IT industry.

Regards,

The Outspoken Wookie

No comments: