Security, Your Printers, and Your Data

A data breach will cost you. Market research firm Cybersecurity Ventures estimates the cost of cybercrime will rise to $6 trillion by 2021.  Beyond the dollars and cents of restoring your data and the network, however, a data breach will leave a mark on your brand and weaken your reputation.

This is why security presents an opportunity for companies to differentiate themselves in a crowded, competitive market. Xerox knows this, which is why we hosted a security summit earlier this year. The event offered powerful value to the vendors, agents, dealers and customers who attended, and Channelnomics named the Xerox Security Summit “Best Security Event of 2018.”

If you missed the Xerox Security Summit, here are a few other things you should know about security.

Nine ideas about information security from six experts

For the criminals, your data is at the core of a lucrative business model, which is why the threat landscape always changes. Information security is several things, but it is never a one-and-done thing. Here are some ideas from the Xerox Security Summit that will help you think about your information security strategy.

Read: Cisco and Xerox Boost Cybersecurity for Printers on the Network and A Partnership for Security Policy Management and Enforcement

Common Criteria certification for security

Achieving Common Criteria Certification is not so common. That’s why Xerox is especially proud to receive the industry’s most stringent information security standard certification from National Information Assurance Partnership (NIAP).

With cyber security threats growing in both numbers and complexity, NIAP determined to tighten up its security standard for hard copy devices. In November 2017, 10 Xerox AltaLink MFPs became the first products to receive Common Criteria certification from NIAP for the new standard.

Read: Getting Out in Front of Evolving Security Threats

Xerox-McAfee solutions provide unrivaled security

Xerox print devices have been engineered with security in mind. That’s why Xerox is the only company that embeds whitelisting technology from McAfee, and provides a free extension for ePolicy Orchestrator.

Xerox’s AltaLink multifunction printers come bundled with McAfee Embedded Control software, so you can rest easy knowing that your MFPs, and any data associated with them, are safe and secure. Key features:

  • Whitelisting: Xerox pre defines a list of trusted applications and functions that can run on an MFP; nothing else is allowed to execute. This is the most efficient way of blocking malicious attacks and attempts to corrupt the printer’s firmware
  • Alerts and audit logs: Any attempt to change applications, or perform a blocked activity, triggers an email alert to the system administrator. What’s more, tracking those attempts is easy.
  • McAfee ePolicy Orchestrator (ePO): Using the free ePO extension from Xerox, IT admins can include Xerox printers in their central security management process. McAfee ePO is easy to use, with drag-and-drop dashboards, and lets organizations use their existing IT infrastructures. Adding eligible Xerox devices to the ePO allows administrators to receive automated alerts, view device security events on the ePO dashboard, keep device firmware current, and track up to 60 security settings.

Read: Lock Down Printers with McAfee Embedded Control Technology

What motivates cybercriminals?

The obvious answer is money, but cybersecurity company McAfee wanted to know if there is more to it. McAfee researchers examined recent examples of ransomware and the accompanying ransom notes that included email addresses where victims could send their payments or ask questions. The researchers sent emails asking the “actors” if they would answer a few questions.

Initially, the McAfee team received a few replies, but most of the actors did not want to cooperate. No surprise there. But their luck slowly changed over the next few weeks, and the researchers gathered a collection of conversations. Their findings:

  • Yes, it’s about the money. Travel, cars, a house, and some were simply paying off debts.
  • Almost all said they were willing to negotiate the ransom price, if the victim cannot afford to pay.
  • People become ransomers because they believe cybercrime is low-risk with high returns. This is increasingly untrue, because law enforcement agencies have partnerships with academic institutions and cybersecurity companies (like McAfee).

Read: How McAfee Uncovered a Cybercrime Gang

A leader in cloud-based MPS security and workflow automation

Xerox is the only cloud-based managed print services (MPS) provider that has achieved in-process status for the U.S. government’s Federal Risk and Authorization Management Program (FedRAMP) for our MPS offerings. This designation tells decision makers at federal agencies that our solutions can improve the security of their information, cut printing costs and improve transparency.

Source: www.connect.blogs.xerox.com