One of the basic realities facing IT managers is that any security system is only as reliable as the users make it. Employee behavior around mobile printing is a perfect example of this rule in action.
Employees the Weakest Link pull quote resized 600According to two surveys published in 2013, employees will print from their mobile devices. If there's no simple, easy way to do it within the company's secure network, they'll take whatever steps they believe are required to get the job done, including:
A well-designed secure mobile printing solution should integrate seam�lessly with mobile device management (MDM) and mobile application man�agement (MAM) solutions, as well as other existing corporate security risk solutions, remove risk, and give employees the ability to get their jobs done easily ? without creating security nightmares for IT.
Careless employee behavior has always put company data at risk. Human failings such as lost laptops and passwords jotted on sticky notes have made headlines around the world when data breaches have occurred. But what about when employees are trying to do the right thing by being productive, but inadvertently leaking sensitive data in the process?
Survey after survey shows that if employees can't print from their mobile devices, they will engage in behavior that can seriously compromise security such as transferring files to a cloud storage site, or emailing it outside the network to an unsecured desktop computer (at a business center, for example) where they can print it.
Another common attempt by employees to solve mobile printing problems leads to so-called shadow IT: that is, a situation when an employee reads about or sees an unauthorized app that promised to solve their printing problem, and installs it on a device without IT control or approval. According to Network World, at least 80% of mobile apps have built-in security and privacy holes designed into the app. Some apps request permissions that aren't used by the app, creating a built-in security hole that hackers can exploit to steal unencrypted data.
For example, many unmanaged mobile apps obtain permissions to:
Network World reports that 96% of iOS apps and 84% of Android apps can access at least one of these data risk categories. With the demand for mobile printing growing every day as users become more mobile, and with so many risks attending many of the ways users solve the problem on their own, it's never been more important for IT to provide a secure, standardized mobile print solution for their organizations.
Recent court decisions have given mobile device security a new urgency for businesses, schools, hospitals, and other organizations subject to regulatory oversight. In 2011, the U.S. Eighth Circuit Court of Appeals ruled that any device with storage and processing capabilities could be considered a computer under the Computer Fraud and Abuse Act (CFAA). In 2012, the Fourth Circuit Court decision in United States v. Kramer specifically named printers and mobile devices like watches, smartphones and MP3 players as being subject to the CFAA.
Despite these court cases, there is still no consistent standard for what companies must do in order to ensure that their mobile printing solution meets compliance rules. In general, however, the court rulings mean that the security standards for mobile devices and printers are the same as those for any other computer.
That means that companies need to step up employee training on risky behaviors, and offer solutions that provide them with incentives to use secure mobile apps selected and managed by IT rather than relying on unsecured consumer apps. Breezy's secure mobile printing solution with on-device encryption is growing in popularity with companies in education, healthcare, banking and finance, pharmaceuticals and other regulated industries because it provides ease of use, integration with existing MDM solutions and legacy printer fleets, and also delivers the compliance assurance management wants.
Customers report that Breezy installations are among the easiest they’ve ever seen for an enterprise product.