Exclusive research from Samsung shows more than half the offices in Europe are not taking steps to protect confidential printed information
Survey reveals low awareness of behavioural and IT security risks
17 June 2009, Chertsey, Surrey – Samsung Electronics, a leading name in the world of consumer electronics and information technology, has today released the results of a Europe-wide survey of more than 4,500 workers in the public and private sectors, which revealed that companies are not putting in place appropriate measures to protect confidential information. According to the research, 56 per cent of workers regularly see confidential documents abandoned on the printer and over half (51 per cent) of those surveyed are not aware of any processes or technologies in place at their organisation to protect the printer network itself.
Despite public concerns about the protection of sensitive information, organisations across Europe are failing to take steps to protect it. Those working in the banking/finance sector were most likely to see confidential documents, with more than two thirds (68 per cent) of respondents seeing these on the print tray. The healthcare sector did perform better, but still more than one third of respondents (34 per cent) admitted to finding personal patient information left on the printer – including health records (38 per cent) and lab results (34 per cent) that they never were meant to see. These respondents were not just doctors and nurses – almost half (44 per cent) worked in roles such as marketing, operations, finance and IT.
The survey, conducted by Lightspeed Research, polled workers at companies with at least 50 people from eight European countries. The results reveal that although people know that safeguarding confidential documents is crucial, with almost two thirds (65 per cent) recognising serious consequences as a result of confidential data being exposed beyond their organisation, most do not realise the security risks that uncontrolled printing introduce to their business. IT security loopholes are emerging, which combined with careless printing habits compromise corporate and personal security.
Germany had the highest rate of abandoned documents, with 69 per cent of respondents reporting seeing confidential data on the print tray at least once a month, followed by Spain with 67 per cent. France was the most conscientious about protecting printed documents, but still one-third (34 per cent) of respondents inadvertently saw sensitive documents on the print tray at least once a month.
European workers are not even taking steps to protect their own personal data, with almost half (48 per cent) of survey respondents reporting seeing private documents sitting on the print tray. The respondents have learned undisclosed details about their colleagues from the print tray, including salary details (19 per cent), performance appraisals (15 per cent) and CV information (30 per cent).
“The results of the research show that organisations across Europe need to take more precautions to guard against security threats associated with their printing network and document output,” explained Graham Long, Vice President, European Printing Operation, Samsung Electronics. “Simple measures such as PIN code released prints and educating employees about proper printing procedures could significantly reduce the number of abandoned documents on the output tray and protect businesses from serious security breaches.”
Beyond the behavioural aspects of protecting printed documents, there is also a lack of knowledge about IT security risks that printers bring into an organisation. Almost 7 in 10 respondents (69 per cent) did not realise that printers store all recent documents on an easy to remove hard drive, while two thirds (65 per cent) didn’t know that a networked printer can be hacked in a similar way to a PC.
Surprisingly, even the IT department is in the dark about the risks; 50 per cent didn’t realise the threats associated with the hard drive while four in 10 (39 per cent) didn’t know that printers can be hacked. This lack of awareness is reflected in the low levels of precautions reported to increase the security of the printing network; over half (51 per cent) of respondents were not aware of any printing security processes or technologies at their company.
“The organisation’s printing environment can often be overlooked by IT departments when investing in business infrastructure security solutions,” said Leigh Worthing, Senior Research Analyst, Western European Peripherals Group, IDC. “This in turn can lead to potential security weak spots for businesses, especially when we consider the increasing number of fully networked MFP and print devices currently being deployed in organisations of all sizes. With this in mind, security is certainly an area that needs to be carefully considered by decision makers when it comes to purchasing choices related to printing hardware and solutions.”
Security is a critical business factor, especially in workgroup environments where devices are shared and documents of a sensitive nature are produced. Information security cannot be ensured by simply deploying a software tool. Samsung’s approach to safeguarding a document for its entire lifecycle is a three-pronged strategy that includes: printing security, document security and network security. For more information, please visit www.samsung.com/businessprinter.