untraceable printing, copying and - canon.no20relatert%20til%20utskrift... · untraceable printing,...
TRANSCRIPT
Untraceable Printing,
Copying and
ScanningTonis Haamer
CEO, NT-ware GmbH
March 24-25, 2011
Arena11
Press Reaction
Increased public attention to security breaches
Growing number of compliance regulations
Security Risk Assessment Frameworks
Information Data Loss Prevention solutions
Why?
• Sarbanes-Oxley (SOX)
• Gramm-Leach-Bliley (GLBA)
• Health Insurance Portability and Accountability Act (HIPAA)
• European Union Data Protection Directive 95/46
• Japanese Personal Information Protection Act (JPIPA)
• Public disclosure laws
• Payment Card Industry Data Security Standard (PCI DSS)
• …
2008
1.Malware 54%
2.Employees 52%
3.Spyware 48%
4.Application Vulnerability 44%
5.Hackers 41%
6.Misconfiguration 41%
7.Spam 39%
8.Data Stolen by Trusted Party 38%
9.Insider Sabotage 34%
10.Wireless LAN 33%
Top Threats to Enterprise Security
2006
1.
2.
3.
4.Employees
5.
6.
7.
8.
9.
10.
IDC 2008
2008
1.Malware 54%
2.Employees 52%
3.Spyware 48%
4.Appl. Vulnerable 44%
5.Hackers 41%
6.Misconfig. 41%
7.Spam 39%
8.Data Stolen by Trusted Party 38%
9.Insider Sabotage 34%
10.Wireless LAN 33%
Top Threats of Enterprise Security
Most costly
IDC 2008
Most Costly
Structure and Drivers
User Mistakes
External Attackers
Government Regulations
Insider Malicious Intent
Obligations to Customers, Partners,
Contractors
Managers’personal liability and threat of
criminal or civil penalties
My World
Unprotected print
data
Hard Drive
Printing or Scanning Confidential
Documents?
Is that a salary sheet
on the printer tray ?
Not Again – someone
took my prints !
I can scan to any email
– untraced!
Prints are laying on the tray
for all to see
Sometimes for hours
What is the consequence?
Information is compromised
Confidentiality obligations
are not fulfilled
What is the consequence of
that?
Loss of your job
Loss of trust
Legal implications
TRUE FOR YOU
?
TRUE FOR YOU
?
My World
Untraced Scans
Untraced Prints
Untraced Copies
Lost Prints
My World
Data Encryption
MAC address /IP
filtering
Hard Drive Erase
Loss of Confidential Information
Source: NPO Japan Network Security Association 2008
Owners
Loose company reputation + loose customer trust + loose
their job + loose money + cause internal confusion
End Users
Loose productivity + loose morale + susceptible to
mistakes
IT Managers
Incomplete assessment compromises other efforts
Set unnecessary restrictions and cause loss in productivity
Consequences Lacking Security
Controls?
IT Manager
Business Leader
Users
Effort
How uniFLOW Addresses User Level Security
(uncatchable)
Risk Level
Uncontrolled
Access
Device
Access
Control
uniFLOW Login
Manager
PIN or Card
Prevent
unauthorized access. Trace
scans back to an
individual
uniFLOW Secure
Print to
Memory Only
Prevent
unintended exposure of
information
Function
Level Access
Control
uniFLOW ACLs and AMS
Function level access
More control
where needed (eg
selectively
prevent scan to external email)
Users have to authenticate first, and
only then have access to their print-
jobs.
No confidential prints on printer trays
Your prints are NEVER picked up by
someone else
Secure PrintingI Expect:
- Nobody to look at or
take my confidential
documents from the
printer.
Effort
How uniFLOW Addresses User Level Security
(uncatchable)
Risk Level
Uncontrolled
Access
Device
Access
Control
uniFLOW Login
Manager
PIN or Card
Prevent
unauthorized access. Trace
scans back to an
individual
uniFLOW Secure
Print to
Memory Only
Prevent
unintended exposure of
information
Function
Level Access
Control
uniFLOW ACLs and AMS
Function level access
More control
where needed (eg
selectively
prevent scan to external email)
uniFLOW content
monitoring
Monitor Content
Deter information
theft by paper
uniFLOW knows which content was outputted by a
Canon MFD when, by whom, and to where, by storing job
logs and image logs of copies, faxes, prints and scans.
uniFLOW will analyze the image text content and prompt
action.
How it Works
How it Works
Ben prints a document to his
Canon MFD
uniFLOW OM
Server
Job is printed
immediately
How it Works
Stefanie makes
a copy
uniFLOW OM
Server
Job is copied
immediately
How it Works
Helen scans a
confidential
document
uniFLOW OM
Server
How it Works
uniFLOW OM
Server
Document
Management
System
Copies of each
print, copy,
scan and fax
are sent to the
uniFLOW OM
Server
Documents
checked for
restricted
keywords
Manager Frank informed that Helen has
scanned a restricted document
Documents compressed and
stored in the DMS for future
reference
uniFLOW keeps a full log, including the actual
document, of every copy, print, fax or scan
(Highly compressed, full text searchable PDFs)
(Stored in DM system of customers choice)
Gather and monitor logs selectively
Identify the source of leak quickly and accurately
Useful for : Government departments, departments
with highly sensitive information (personal data, pre-
patent information, industrial design restricted projects,
etc)
Content Based Targeted Auditing
As a Deterrent:
Employees know that copy, print, scan content is
monitored and will behave responsibly.
Enables Quick Reaction:
In case of an information leak the culprit can be
quickly caught and the information loss stopped.
Effect
Effort
How uniFLOW Addresses User Level Security
(uncatchable)
Risk Level
Uncontrolled
Access
Device
Access
Control
uniFLOW Login
Manager
PIN or Card
Prevent
unauthorized access. Trace
scans back to an
individual
uniFLOW Secure
Print to
Memory Only
Prevent
unintended exposure of
information
Function
Level Access
Control
uniFLOW ACLs and AMS
Function level access
More control
where needed (eg
selectively
prevent scan to external email)
uniFLOW content
monitoring
Monitor Content
Deter information
theft by paper
uniFLOW interceptt
workflow
Prevent
Content
Prevent information from being printed
or scanned
uniFLOW includes a powerful scanning engine that
can also be used for adding security
137 language OCR, barcode recognition
Document classification
High compression
Send to email, document management system
Does not need to apply to all devices and users
IT Security department can choose which users
and/or devices should be monitored
Image Analysis Capability in uniFLOW
Show
message
Send to
Fax
Intercept Workflow Based on OCR (using IRIS IDR)
OCR
Send to
File
Scan
Job
Check for
Keyword
Convert
to Word
Send to
1. Scan
2. OCR
3. Check for Keywords
4. Show Message / …..
5. Stop / …..
Stop
uniFLOW can recognise the structure of common
company documents that may contain sensitive
information (patient records, bank statements, etc)
If a sensitive document has been printed, copied, faxed
or scanned, uniFLOW can check to see if the person
responsible has the appropriate security rights. If not,
send an email to the IT Security department
e.g. Did a cleaner make a photocopy of a bank
statement?
Ex: User rights and sensitive documents
Intercept Workflow Based on Forms
Recognition (using IRIS Fingerprint)
1. Scan
2. Classify
3. Decide and branch
4. Check Rights / …..
5. Show Message / …
6. Record / ……
One Platform for Office and Production
My Safe World
No Untraced Scans
No Untraced Prints
No Untraced Copies
No Lost Prints
Thank You