It’s already been nearly a year since the introduction of the General Data Protection Regulation (GDPR) in Europe, and many remain unaware of their obligations, or what the penalties might be for failing to fulfil them.
Regardless of size of business or workforce, every company, including public sector entities, was required to comply with GDPR, or face the higher of two fines: €20 million ($22.7 million) or 4 percent of global annual turnover.
At the time, according to Tech Radar, many companies were still unaware of the implications of GDPR non-compliance, with 60 percent of public sector organisations telling a Kyocera UK survey that they were still in the dark.
Many felt particularly unprepared in the field of document and print management, with a good quantity admitting to having no policy regarding USB storage. Printers, also, contain huge hard drives capable of storing millions of documents and other data, and so adherence to GDPR in this regard is crucial. Due to many models’ longer shelf lives, there is a risk they will not have the in-built security features of new models, and so the risk becomes even more potent.
If you are still lagging behind on tightening up your GDPR obligations, there really is no time like the present, and failure to do so could cause a fine large enough to send your company into bankruptcy.
According to Tech Radar, the ten key areas on MFPs to focus on and make secure are: Capture – make sure you aren’t scanning or copying to “uncontrolled destinations”; output tray – documents left lying around could cause a massive data breach; machine operating system – left unprotected could allow a hostile takeover; ports and protocols – similarly, left unprotected could be exploited; management – regular device scanning will prevent exploitation of security holes; network – interception of confidential data could happen across the network link; cloud connection – offsite locations could leave you open to a data breach; device storage – content in unsecured devices could easily be accessed; operation panel – if unlocked, settings can easily be tampered with; and of course, human error – employees leaving sensitive information lying around the office or workplace.
If, nearly a year after the introduction of GDPR, you or your employees are still flouting the regulation through vulnerabilities such as those listed above, make sure you remedy it before your company is put out of business!
