Untraceable Printing,

Copying and

ScanningTonis Haamer

CEO, NT-ware GmbH

March 24-25, 2011

Arena11

Press Reaction

Increased public attention to security breaches

Growing number of compliance regulations

Security Risk Assessment Frameworks

Information Data Loss Prevention solutions

Why?

• Sarbanes-Oxley (SOX)

• Gramm-Leach-Bliley (GLBA)

• Health Insurance Portability and Accountability Act (HIPAA)

• European Union Data Protection Directive 95/46

• Japanese Personal Information Protection Act (JPIPA)

• Public disclosure laws

• Payment Card Industry Data Security Standard (PCI DSS)

• …

2008

1.Malware 54%

2.Employees 52%

3.Spyware 48%

4.Application Vulnerability 44%

5.Hackers 41%

6.Misconfiguration 41%

7.Spam 39%

8.Data Stolen by Trusted Party 38%

9.Insider Sabotage 34%

10.Wireless LAN 33%

Top Threats to Enterprise Security

2006

1.

2.

3.

4.Employees

5.

6.

7.

8.

9.

10.

IDC 2008

2008

1.Malware 54%

2.Employees 52%

3.Spyware 48%

4.Appl. Vulnerable 44%

5.Hackers 41%

6.Misconfig. 41%

7.Spam 39%

8.Data Stolen by Trusted Party 38%

9.Insider Sabotage 34%

10.Wireless LAN 33%

Top Threats of Enterprise Security

Most costly

IDC 2008

Most Costly

Structure and Drivers

User Mistakes

External Attackers

Government Regulations

Insider Malicious Intent

Obligations to Customers, Partners,

Contractors

Managers’personal liability and threat of

criminal or civil penalties

My World

Unprotected print

data

Hard Drive

Printing or Scanning Confidential

Documents?

Is that a salary sheet

on the printer tray ?

Not Again – someone

took my prints !

I can scan to any email

– untraced!

Prints are laying on the tray

for all to see

Sometimes for hours

What is the consequence?

Information is compromised

Confidentiality obligations

are not fulfilled

What is the consequence of

that?

Loss of your job

Loss of trust

Legal implications

TRUE FOR YOU

?

TRUE FOR YOU

?

My World

Untraced Scans

Untraced Prints

Untraced Copies

Lost Prints

My World

Data Encryption

MAC address /IP

filtering

Hard Drive Erase

Loss of Confidential Information

Source: NPO Japan Network Security Association 2008

Owners

Loose company reputation + loose customer trust + loose

their job + loose money + cause internal confusion

End Users

Loose productivity + loose morale + susceptible to

mistakes

IT Managers

Incomplete assessment compromises other efforts

Set unnecessary restrictions and cause loss in productivity

Consequences Lacking Security

Controls?

IT Manager

Business Leader

Users

Effort

How uniFLOW Addresses User Level Security

(uncatchable)

Risk Level

Uncontrolled

Access

Device

Access

Control

uniFLOW Login

Manager

PIN or Card

Prevent

unauthorized access. Trace

scans back to an

individual

uniFLOW Secure

Print

Print to

Memory Only

Prevent

unintended exposure of

information

Function

Level Access

Control

uniFLOW ACLs and AMS

Function level access

More control

where needed (eg

selectively

prevent scan to external email)

Users have to authenticate first, and

only then have access to their print-

jobs.

No confidential prints on printer trays

Your prints are NEVER picked up by

someone else

Secure PrintingI Expect:

- Nobody to look at or

take my confidential

documents from the

printer.

Effort

How uniFLOW Addresses User Level Security

(uncatchable)

Risk Level

Uncontrolled

Access

Device

Access

Control

uniFLOW Login

Manager

PIN or Card

Prevent

unauthorized access. Trace

scans back to an

individual

uniFLOW Secure

Print

Print to

Memory Only

Prevent

unintended exposure of

information

Function

Level Access

Control

uniFLOW ACLs and AMS

Function level access

More control

where needed (eg

selectively

prevent scan to external email)

uniFLOW content

monitoring

Monitor Content

Deter information

theft by paper

uniFLOW knows which content was outputted by a

Canon MFD when, by whom, and to where, by storing job

logs and image logs of copies, faxes, prints and scans.

uniFLOW will analyze the image text content and prompt

action.

How it Works

How it Works

Ben prints a document to his

Canon MFD

uniFLOW OM

Server

Job is printed

immediately

How it Works

Stefanie makes

a copy

uniFLOW OM

Server

Job is copied

immediately

How it Works

Helen scans a

confidential

document

uniFLOW OM

Server

How it Works

uniFLOW OM

Server

Document

Management

System

Copies of each

print, copy,

scan and fax

are sent to the

uniFLOW OM

Server

Documents

checked for

restricted

keywords

Manager Frank informed that Helen has

scanned a restricted document

Documents compressed and

stored in the DMS for future

reference

uniFLOW keeps a full log, including the actual

document, of every copy, print, fax or scan

(Highly compressed, full text searchable PDFs)

(Stored in DM system of customers choice)

Gather and monitor logs selectively

Identify the source of leak quickly and accurately

Useful for : Government departments, departments

with highly sensitive information (personal data, pre-

patent information, industrial design restricted projects,

etc)

Content Based Targeted Auditing

As a Deterrent:

Employees know that copy, print, scan content is

monitored and will behave responsibly.

Enables Quick Reaction:

In case of an information leak the culprit can be

quickly caught and the information loss stopped.

Effect

Effort

How uniFLOW Addresses User Level Security

(uncatchable)

Risk Level

Uncontrolled

Access

Device

Access

Control

uniFLOW Login

Manager

PIN or Card

Prevent

unauthorized access. Trace

scans back to an

individual

uniFLOW Secure

Print

Print to

Memory Only

Prevent

unintended exposure of

information

Function

Level Access

Control

uniFLOW ACLs and AMS

Function level access

More control

where needed (eg

selectively

prevent scan to external email)

uniFLOW content

monitoring

Monitor Content

Deter information

theft by paper

uniFLOW interceptt

workflow

Prevent

Content

Prevent information from being printed

or scanned

uniFLOW includes a powerful scanning engine that

can also be used for adding security

137 language OCR, barcode recognition

Document classification

High compression

Send to email, document management system

Does not need to apply to all devices and users

IT Security department can choose which users

and/or devices should be monitored

Image Analysis Capability in uniFLOW

Show

message

Send to

Fax

Intercept Workflow Based on OCR (using IRIS IDR)

OCR

Send to

File

Scan

Job

Check for

Keyword

Convert

to Word

Send to

email

1. Scan

2. OCR

3. Check for Keywords

4. Show Message / …..

5. Stop / …..

Stop

uniFLOW can recognise the structure of common

company documents that may contain sensitive

information (patient records, bank statements, etc)

If a sensitive document has been printed, copied, faxed

or scanned, uniFLOW can check to see if the person

responsible has the appropriate security rights. If not,

send an email to the IT Security department

e.g. Did a cleaner make a photocopy of a bank

statement?

Ex: User rights and sensitive documents

Intercept Workflow Based on Forms

Recognition (using IRIS Fingerprint)

1. Scan

2. Classify

3. Decide and branch

4. Check Rights / …..

5. Show Message / …

6. Record / ……

One Platform for Office and Production

My Safe World

No Untraced Scans

No Untraced Prints

No Untraced Copies

No Lost Prints

Thank You