Year after year, the impact of cyber attacks on businesses of all sizes is increasing. It is estimated that the damage caused by cybercrime will reach $6 trillion annually by 2021. Internet attackers do not distinguish between industries, so it is essential for print service providers to take this threat seriously when investing in new printing and production technology. In addition, the problem is particularly acute in an industry made up primarily of small and medium-sized businesses when you consider that in 2017, more than 60% of the victims of data attacks were companies with fewer than 1,000 employees.
We talked to Stephen Miller, Director of Product Management at Kodak Software Division, Eastman Kodak Company, about the biggest cyber security challenges and how printers can best protect their businesses.
What are the biggest challenges today in the fight against cyber security threats that printers need to know about?
For print entrepreneurs, especially those running small and medium businesses, it's important not to ignore the threat of an attack. We tend to believe that only large and significant companies are at risk because they are in the public eye, but that does not mean that this cannot happen to an unknown company. Hackers do not differentiate by size or reputation. In fact, new cyber security statistics show that most data breaches (58%) were found in small businesses.
Hackers have found that the most vulnerable part of a computer network is humans. They have realized that they no longer have to go the hard way with complex tools to exploit computer network security problems, but that they can simply resort to a human to open the gates. And the door they walk in through is often an employee's email account.
These malicious emails deceive users into opening attachments or clicking on a link to an infected website. Once they gain access to a company's resources, they can steal information or shut down operations.
What impact do these cyber attacks have on printers?
The nature of these attacks can vary. For example, phishing email campaigns are typically designed to install malware that can cause a company various problems. It can block access to key network components until the company pays the hacker a "ransom", or it can disrupt parts of the system so that it can no longer operate. There is also spyware, which can conceal information by transferring data from hard drives in the enterprise. In any case, this means massive problems and disruption for the hacker's target company as they work to fix the consequences of the attack. How long this will take and how costly it will be will depend on the severity and scale of the hostile attack. In a recent report published by insurance company Chubb, the average cost to a company of repairing the damage caused by a cyber attack is $400,000, which can threaten the survival of small and medium-sized businesses.
In addition to the detrimental impact on corporate earnings, this can damage a company's reputation and affect customer confidence. Every printer can imagine what would happen if his internal systems were damaged. For example, the following can happen: An employee accidentally opens a link in a harmless-looking email that releases a malicious file that blocks the company's servers containing important customer print files. If you are lucky, troubleshooting will cause less inconvenience. However, it can take days or weeks for the damage to be repaired, resulting in lost time, lost money, and dissatisfied customers.
What practical measures can printers take today to reduce the risk of a cyber attack?
It is important to understand that the cost of additional protection to strengthen network security can be far lower than the cost of fixing a security incident after an attack. This should really be considered in the same way as taking out a car insurance policy for the company fleet or a fire insurance policy for the production buildings. The only difference in improving network security is that the risk of an attack is actively mitigated.
We recommend implementing the following three steps as quickly as possible:
1. isolate business critical data
It is not sufficient to back up data only by making a backup copy. It must be known which data is essential for a company's business processes. Then this data must be isolated using software capable of automating the process of storing business-critical data in a location outside the enterprise. If a hacker can't see the data, he can't access it.
2. train the staff accordingly
Appropriate training of employees is of central importance. Today, 90% of attacks come directly through the front door in the form of phishing emails. The Internet provides excellent advice on how to prevent damage, but external consulting firms can also be hired to provide training on how to prevent this problem.
3. explore ways to relocate important data and systems to an external location
In addition to isolating and securing business-critical data, moving that data away from a company's local network to a much more secure environment, such as hosting the software and data in a secure cloud environment, can be considered.
How does Kodak help printers protect their networks from outside threats?
Computer networks, such as the one that printers use every day for their administration and production, are inherently designed to exchange information. When information is exchanged on a computer network, computers are connected to each other via "network shares" and pass the information from device to device. The network provides the incredible business efficiency that we all take for granted today. Of course, the same network can also be used to quickly transmit a malicious virus designed to bring business to a standstill.
At Kodak, we address this problem from a software development perspective through so-called network segmentation. Part of this approach is to isolate data, because if a hacker can't see the data, he can't access it. In PRINERGY's Software as a Service (SaaS) offerings, we have a PRINERGY Cloud Agent installed on the PRINERGY server that acts as an encrypted channel to a print shop's secure cloud storage account. When a printer uses PRINERGY VME with Managed Services, their files are removed from their local network and sent over the Internet to their cloud storage account, where multiple copies of the files are automatically created and securely stored in two different Microsoft Azure data centers.
In addition, our KODAK PRINERGY Managed Services, which belong to the Infrastructure as a Service (IaaS) category, provide printers with access to world-class security tools to strengthen their network and improve operational efficiency, redundancy and production availability.
Services available through PRINERGY have the advantage of being hosted on the Microsoft Azure platform, where Microsoft invests $1 billion annually in security research. This far exceeds what a company could do by hiring a security specialist. However, Kodak does not leave it at the security features provided by Microsoft, but also works with Wipro, an IT security services provider. The company conducts quarterly risk and security assessments and penetration testing for all Microsoft data centers where KODAK PRINERGY software is hosted.
Ultimately, the issue of security is all about adding layers of protection. As companies need to keep abreast of evolving security threats, the security advantage of moving to the cloud for printers is that they always have the latest tools and processes to keep their data and business processes secure.