Every year, the impact of cyber-attacks on businesses of all sizes continues to mount. It's estimated that damage related to cybercrime is projected to hit $6 Trillion annually by 2021. Cyber attackers do not discriminate based on the industry sector, which is why it's imperative that Print Service Providers consider this threat as seriously as they take investing in new printing equipment. Moreover, in an industry dominated by small and medium-sized enterprises, the issue could not be more relevant, considering over 60% of breach victims in 2017 were businesses with fewer than 1,000 employees.
We sat down with Kodak's Director of Product Management, Kodak Software Division at Eastman Kodak Company, Stephen Miller to discuss what the biggest cybersecurity challenges are and how printers can best protect their organizations.
What’s one of the biggest challenges to combatting today’s cyber security threats that printers need to understand?
It's important for printers, many of whom are small and medium-sized businesses not to ignore the risk of an attack. We tend to think only major brands are being compromised because they get lots of media coverage, but that doesn't mean it can't happen to an unknown company. Hacker's don't discriminate based on size or reputation. In fact, recent cybersecurity statistics show that small businesses account for most data breaches (58%).
Hackers have figured out that the most vulnerable part of a computer network is a human being. They've realized that they no longer need to go through all the trouble of using sophisticated tools to exploit computer networks when they can just as easily rely on a human to open the doors. And the door that they are walking through is in many cases is an employee's email account.
These malicious emails rely on deceiving users into opening attachments or clicking a link to an infected website. Once they have gained access to a company’s resources, they can steal information or cripple business operations.
What impact do these cyber-attacks have for printers?
The nature of these attacks can vary. For example, email phishing campaigns are typically designed to install malware, which can result in several issues for a company. It can block access to crucial components of your network and hold it for ‘ransom’ until your company pays off the hacker or it can disrupt individual parts that render your system inoperable. There’s also ‘spyware’ that covertly obtains information by transmitting data from your hard drive. In every case, it’s a massive headache for the company targeted, disrupting its operations while they work to recover from the attack. How long it takes and how costly it will be, depends on the severity of the incursion. A recent report from Chubb Insurance notes that the average price tag for a business to recover after a cyber-attack is $400,000, which can be fatal for small-and-medium-sized enterprises (SMEs).
Aside from the cost to your bottom line, it can damage your firm’s reputation and erode the trust of your customers. You can imagine what this might look like if your internal systems were compromised. An employee mistakenly opens a link in a familiar-looking email, which then unleashes a malicious file that locks up your servers with critical customer print files. If you’re lucky, resolving this issue could be a minor inconvenience, or it could take days or weeks to work through the damage, incurring lost time, financial resources, and dissatisfied customers.
What practical steps can printers start taking today to mitigate the risk of a cyberattack?
It’s important to understand that the cost to add additional protection to harden your network security can be far less than the cost to remediate a security incident after an attack has occurred. It really needs to be considered in the same way you look at taking out insurance for your company’s delivery vehicles or fire protection for your company’s manufacturing facility. The only difference in enhancing your network security is that you are actively mitigating the risk of a breach.
Three steps that we would recommend taking today are:
Isolate Business Critical Data
It’s not enough to merely back-up your data. You need to know what data is critical to your business processes and operations.Once you do that, you need to isolate that data using software that can automate the process of storing business critical data offsite. If a hacker can’t see it, then they can’t access it.
Educate and Train Your Staff
Educating your staff is key. Ninety percent of attacks today come right through the front door via email phishing schemes. There is excellent advice online, or you can hire an outside consulting firm to help educate your organization about how to defend against this problem.
Evaluate Options to Move Critical Data and Systems Offsite
In addition to isolating and securing your business-critical data, you can consider moving that data off your LAN to a much more secure environment, like hosting your software and data in a secure cloud environment. file:///C:/Users/U140776/AppData/Local/Microsoft/Windows/INetCache/Content.Outlook/MVNWHLY7/Cloud_Security.pdf
How is Kodak helping printers protect their networks from outside threats?
Computer networks, like the one you use every day to run your print business, are naturally designed to share information. When a computer network share's information, computers are linked together via ‘network shares’ and pass information from device to device. Uncorrupted, it creates the incredible business efficiencies that we all take for granted today. Of course, the same interconnected network can also be used to rapidly transmit a pernicious virus that is intended to cripple your ability to operate the business.
At Kodak, we approach this issue from the software engineering side by what's called network segmentation. Part of that approach is to isolate data because if a hacker can't see your files, they won't be able to access them. With PRINERGY's SaaS (software as a service) offerings, we have a PRINERGY cloud agent which is installed on the PRINERGY server and acts as an encrypted conduit to your secure cloud storage account. For a printer using Prinergy VME with Managed Services, their files are removed from their local area network and sent over the Internet to their cloud storage account, where multiple copies are made automatically and securely stored in two different Microsoft Azure data centers.
Also, our Kodak Prinergy Managed Services, which falls under the category of IaaS (Infrastructure as a Service), allows printers to access best in class security tools to help harden their network and improve operational efficiencies, redundancy and uptime.
The services available via PRINERGY have the benefit of being hosted on the Microsoft Azure platform, where Microsoft invests $1 billion a year in security research, far exceeding what any business could do on its own by hiring a security specialist. In addition to the security features provided by Microsoft, Kodak works with Wipro, a leading IT security services provider to perform quarterly risk / security assessments and penetration testing for all Microsoft data centers hosting Kodak Prinergy software.
Ultimately, security's all about layering in additional protections. With businesses needing to keep up with constantly evolving security threats, the advantage of moving to the cloud for security means you can seamlessly keep up with the latest tools and processes to keep your data and business safe!