In Action
Our Solution—Print Fleet Cyber Security as a Service™
Identifying and addressing enterprise risk requires not just cutting-edge software but also experienced and available personnel to operate it and an ever-vigilant effort to address the rapid changes associated with today’s IT eco systems. Our Print Fleet Cyber Security as a Service™ solution provides all that to protect your printer endpoints, the valuable data that they transmit, process and store and the internal network access that they provide.
Print Devices—Hidden Cybersecurity Risk
Print fleets can number in the 1000’s of devices with each device representing many potential open, but hidden doorways that can expose not only that device, but your entire network and company to information theft or sabotage.
Hidden Risk: Print Devices are Vulnerable Complex Workstations
Print devices offer advanced capabilities that provide great business benefits such as accessing the internet, storing data on hard drives, emailing in and out of the domain, downloading and uploading software, opening communications ports and enabling storage on USB thumb drives. But, if unprotected, these very same capabilities expose your entire business to risk of data theft, remote network access, ransom and sabotage.
Complex Security Settings are Available But Not Used: No Visibility
To address these known risks, all print device manufacturers have incorporated security features but have not provided a way to monitor those settings beyond their own latest models. The multi-vendor print fleet has not been addressed.
No Visibility To Change
Even if security settings are turned on at commissioning of new printers, they often get turned off. Cyber security teams have no way of knowing—no visibility. Managed Print Service providers are equally without visibility.
Essential Evergreen Inventories through Device Lifecycle Management
We start with what we call “Essential Evergreen Inventory”. Our solution inventories all the devices (regardless of make, model, age, firmware version or location) that comprise your fleet. Then, with automation, we maintain an accurate evergreen inventory with comprehensive device lifecycle management—The Foundation of All Effective Risk Management. Our solution automatically accounts for changes in device location, IP address, and device configuration and other changes. It is true IT Lifecycle Management for your printers.
Security Settings “Gold Standard” Controls Determined & Established
Next, our solution inventories the available security settings on each device for you to decide on your “Gold Standards” to be established per device and enterprise wide. Symphion provides recommended best practices “Gold Standards” for each device’s security settings, you can choose your own or you can use both. Symphion then sets those device security settings (except settings requiring maintenance mode) to establish those Gold Standards.
Patch Management: Symphion Firmware Deployment Service™
Updating firmware in large print fleets is not being done in the field, with printers often 6-8 versions behind. Auto-updating is not advisable due to the associated high risk of business interruption and damage to printers.
Symphion’s Firmware Deployment Service™ is specifically designed to address this almost universal need. It is deployment automation for firmware payloads to enable updating to and maintaining current firmware on all in-scope imaging devices in large print fleets.
Remediation: Symphion Automation Maintains Settings
Security settings get changed and so do printers that comprise the fleet often. To maintain your protection, these settings (and printers) must be surveilled and remediated. For the term of the service, Symphion automation, operated by Symphion professionals, surveils and remediates your security controls across your entire print fleet to your “Gold Standard” – so you don’t have to!
Regular Systematic Process with Records Maintained Immediately Established
In addition to monitoring & remediation, our monthly disciplined process automatically establishes a regular risk assessment, a regular security evaluation of chosen controls and historical records of your chosen controls and measures taken to secure your enterprise. These records are readily available for auditors without requiring a project or dedicating your employees’ time. Our process and records match most security mandates for regular assessment and record keeping including NIST, HIPAA and others.
Includes a Program Management Office and Support Transitioning
Where do you start? What processes/controls are right for us? Most businesses need consulting to make these decisions. So, we have included a Program Management Office to guide and advise you in designing and adapting your Gold Standard(s) and processes. The PMO lasts for the term of the service.