5 ways to keep legal document content secure - canon...
TRANSCRIPT
CSA.CANON.COM/SECURITY
5 Ways to KeepLegal Document Content Secure
The Ponemon 2018 Global Encryption Trends Study found that less than half (43%) of respondents have an encryption strategy applied consistently across their enterprise.
According to the 2018 ILTA Technology Survey, only 28% of respondents employ Data Loss Prevention (DLP) and/or tracking of information access as a security measure.
According to the Ponemon survey, security automation decreases the total cost of a data breach. The average total cost of a data breach is $2.65M for organizations that fully deploy security automation1.
Canon is a registered trademark of Canon Inc. in the United States and elsewhere. All other referenced product names and marks are trademarks of their respective owners and are hereby acknowledged. © 2020 Canon Solutions America, Inc. All rights reserved. 12/19-1122-3954
Grant administrative privileges for settings, tracking, etc. to a select few within the firm based on roles and responsibilities
Require user authentication for printing, copying, scanning only when users are physically at the device
Fully track data and activity to reveal clear chain of custody for all paper/electronic documents
Conduct regular penetration testing and vulnerability assessments
If necessary, establish a virtual CISO
Create an incident response protocol
A comprehensive risk assessment should be the first step in your security journey
Conduct training and awareness
Establish a real time revocation protocol
Limit availability of sensitive documents
Allow admins to view and search all printing, scanning, copying and faxing activity via an uneditable audit trail
Use pull-printing and secure mailboxes to enforce user authentication policies
Encrypt print jobs in transit and at rest
Password protect all hard drive data
Store passwords, encryption keys, etc. on a Trusted Platform Module chip
1. Secure Your Devices
According to Ponemon’s study only 16% of companies reported full deployment of security automation. Only 36% reported partial deployment1.
Embed tracking information in your documents that is only visible to admins through enterprise digital rights management
Install cassette lock trays to protect the integrity of sensitive forms
Adopt an Enterprise Content Management System with automatic document back-up for disaster recovery
Verify authenticity with digital signatures
Improve usability and document protection by scanning directly to PDF and other formats within an Enterprise Content Management System
3. Secure Your Documents
5. Invest in Cybersecurity
4. Secure Your Information
2. Secure Your Print
Restrict access to device USB ports
Manage devices from a single point to track and monitor, troubleshoot, and update user credentials and certificates
Ensure MFDs include controls that verify and check for unauthorized use at startup
Password protect all hard drive data and ensure secure data deletion
Limit network access to specific IP addresses or ranges through IP address and port filtering
Integrate ALL devices including printers in a SIEM (security information event management) system
Adopt strong wireless encryption and authentication standards for Wi-Fi capable MFDs
According to the Ponemon Institute’s 2019 Cost of a Data Breach study, the average cost of a data breach for U.S. companies is $8.19 million1. As cyber criminals increasingly find new ways to infiltrate and mine personal and confidential information, it’s no longer a matter of if your information will be breached but when. A complete law firm document security policy should be simple to integrate and comprehensive in scope. Is your firm resistant to change or just paralyzed by overwhelming options? Avoid leaving your data vulnerable to theft, compromise, or leaks by working through this checklist:
The 2018 American Bar Association Legal Technology Survey Report found that only57% of respondents said their firms budget for technology expenditures.
Source: 1. 2019 Cost of a Data Breach Study by the Ponemon Institute and IBM Security.