Could High Tech Devices In The Office Leave Companies Open to Crime?
- October 16, 2006
- by PInow Staff
Today's multi-use office machines often act as small computers, storing sensitive office data and even making it accessible to hackers and other criminals. Most companies are not even aware of the danger.
Imagine this: A busy company executive photocopies a sensitive document and faxes it to a client. Both the client and executive take care to keep the document well hidden and destroy their only copies. The document is leaked out to the press a day later, putting an important deal in jeopardy. Sadly, this is not the plot of some thriller. It is a situation that occurs in offices across the country. Virtually every modern office may be facing the same danger.
Company printers, copiers, faxes, and scanners routinely undermine businesses and even cause lengthy and expensive law suits. These necessary devices often contain hard drives and other high-tech features that make life easier for workers - but which can also compromise security at a company. Many of todays peripheral devices contain mini computers or function as independent computers, which experts say creates a risk for businesses everywhere.
According to the U.S Department of Energy Computer Incident Advisory Capability (CIAC), All intelligent peripherals connected to the Internet requiring an IP address may have the capability of storing images in memory and/or onto an internal hard drive. Some of these systems have the capability of running inet daemons such as ftp, telnet, and others. In fact, CIAC gas received numerous complaints from companies that have had personal files compromised and sensitive information leaked through such devices.
Nor are just network peripherals a problem. Copiers that are not hooked up to a network can still store images on a hard drive. In many cases, such a drive is not even password-protected, allowing anyone to peek inside of months or even years of sensitive document photocopying. In many cases, accessing copies of past reports is as simple as pressing a print button again. Although multi-use machines such as copier/faxes/scanners that are hooked up to a network are riskiest, any machine with a hard drive is a potential threat to privacy and security. In cases where these machines are leased out to businesses, the security risk is even greater as the memory cards may not be wiped clean before being passed on to the next user, meaning that the new customer may easily access old documents and private information.
Many companies are not even aware of a problem, which makes these devices even more dangerous. A 2001 Sharp Electronics Corp. found that 47% of computer-savvy IT workers didn't even know that their copier/printers contained a hard drive. The same survey found that 65% of the same IT employees thought their copier/printer posed no security risks.
Although most business leaders seem unaware of the security risks their peripherals pose, these risks are nevertheless very serious ones. Criminals are able to access many of these devices remotely and hack into these systems. In some cases, thieves can redirect printer jobs remotely, essentially printing off secret or sensitive documents at their own printers. Internally, these devices pose risks as well as they pose a temptation for dishonest employees who want to access records or information not readily available to them.
Since most businesses rely on their technology, the solution is not simply to throw out the machines that make business a success. Instead, companies can get proactive about this problem by:
- Checking all high-tech photocopiers and printers to see which devices store soft-copy versions of documents. In some cases, it may be possible to customize these machines so that they do not store information after every print job. Of course, any existing saved information on the hard drive should be looked over and deleted.
- Making sure that surveillance and security cameras are positioned so that they cannot view or record passwords and keystrokes. Such cameras can undermine even the most careful security measures.
- Making sure that no spyware or viruses exist on company computers. Some programs make it easier to allow criminals to remotely print your documents.
- Making sure that hard copies and disks with sensitive information are secured
- Making sure that employees are not writing down passwords and other key information that allows anyone to access peripherals, files, networks, and other key areas.
- Hiring a private investigator with experience in corporate investigations to run a security audit and close any security leaks before they become a threat. In many cases, this is the best way to ensure that a company is not inadvertently allowing criminals to access important information. A good private investigator will take a whole-security approach to the problem, assessing and going over all possible security threats to a company. A corporate investigation expert can make sure that any company is as safe as possible from internal and external threats.
Finding a corporate investigation professional is easier than many companies realize. The PInow.com Worldwide Directory of Investigators allows individuals and companies to find experienced and qualified private investigators in their area quickly and effectively. No matter what kind of high-tech devices your company uses, you can use PInow.com to find an investigative professional who can help ensure company security.
PInow.com (http://www.pinow.com/) is a Worldwide Directory of Private Investigators that enables law firms, corporations and the general public to find investigators anywhere. PInow.com strives to be the most trusted resource on the web to locate qualified investigators. All investigators listed on PInow.com are pre-screened and must meet specific listing requirements.
PInow.com was developed by the team that brought you the ServeNow.com Process Servers Directory (http://www.serve-now.com/).
Visit PInow.com to find investigators who can help with all your investigation needs.