It is so easy to read your documents even before you get them on paper…
Protect them with Celiveo
In 2016, 47% of incidents involved a malicious or criminal attack, 25% were due to negligent employees or contractors and 28% involved system glitches.
Negligent insiders are individuals who cause a data breach because of their carelessness. Malicious attacks can be caused by hackers or criminal insiders (employees, contractors, third parties).
2017 Cost of Data Breach Study
Benchmark research sponsored by IBM Security
Research Report/ Ponemon Institute
Insider threat occurs in three varieties, of decreasing frequency:
1. Careless or uninformed users who unintentionally violate security requirements and policies due to a lack of cybersecurity awareness, training, or foundational cyberhygiene.
2. Negligent users who intentionally evade security measure out of convenience, neglect, or misguided attempts to increase productivity.
3. Malicious users who intentionally evade security measures in attempts to profit financially, gain revenge, or seek to unmask corruption or other malfeasance, based on a misguided sense of idealism.
IN 2017 THE INSIDER THREAT EPIDEMIC BEGINS
Feb 2017/ Institute for Critical Infrastructure Technology
GDPR regulation non-compliance fine:
Up to €20 million, or 4% of the worldwide annual revenue of the prior financial year, whichever is higher.
Important Information Is Often Printed
- Unattended documents are hijacked on printers output trays
- Print job names are visible to everyone using shared print queues
- With a click by IT, all print jobs are archived by Windows print servers
- All stuck documents are released as soon as a failing printer is repaired
- IT can see, archive, intercept, view and reprint any print jobs from any user
- Unauthorized people can use MFPs to send data out if those are unlocked
Celiveo Secures MFPs and Documents
- MFP & Printers Access Control
- No more unattended printing
- End-to-end Encryption, advanced stealth mode to comply with GDPR regulation
- Strong User Authentication
- PIN code, Badge, barcode
- PKI Smartcard
- Advanced Audit and Reporting
Printing is totally unprotected by default
More and more leaks happen from insiders, who have access to the corporate IT as part of their job to maintain it. Few people know it is so easy to read the CEO or CFO print jobs, one just needs to be server administrator or use free tools. All IT contractors and printing solutions suppliers also have access to a wealth of information when maintaining the system. And nobody will be aware someone captures and reads documents from his desk, possibly from another continent. Such events directly falls under the strict GDPR regulation, protecting personal information contained in print jobs.
Is such data interception complex? Not at all!
The easy way: make Windows Server copy print jobs
Sniffing and intercepting documents on the network
Just search Google for “Printer Hacking Wireshark” and you can find complete step-by-step cookbooks on how to see on your screen all print jobs going to a specific printer. Then any free PCL or Postscript viewer allows to display those documents
Viewing SQL server data (and modifying it)
SQL Server Data Tool (SSDT) is free on Microsoft web site. The company that installs/maintains the solution knows the database credentials it is possible to change PIN codes, badge numbers, see jobs list names, copy print jobs file depot etc.