By Gregory Pings
A data breach will cost you. Market research firm Cybersecurity Ventures estimates the cost of cybercrime will rise to $6 trillion by 2021. Beyond the dollars and cents of restoring your data and the network, however, a data breach will leave a mark on your brand and weaken your reputation.
This is why security presents an opportunity for companies to differentiate themselves in a crowded, competitive market. Xerox knows this, which is why we hosted a security summit earlier this year. The event offered powerful value to the vendors, agents, dealers and customers who attended, and Channelnomics named the Xerox Security Summit “Best Security Event of 2018.”
If you missed the Xerox Security Summit, here are a few other things you should know about security.
Nine ideas about information security from six experts
For the criminals, your data is at the core of a lucrative business model, which is why the threat landscape always changes. Information security is several things, but it is never a one-and-done thing. Here are some ideas from the Xerox Security Summit that will help you think about your information security strategy.
Partners in data protection
Security is critical to every business. Learn more about product and data security solutions at Xerox.
IoT is so cool, even the hackers have noticed
Calendars, email, uploads, downloads and more are accessed by armies of devices. Collectively known as the Internet of Things (IoT), people who have a reason to access your network love them for their convenience. Cyberthieves know this, which is why they try to infiltrate your network through smartphones, tablets, smartwatches and more. Your printers are things of the internet too, which is why Xerox and Cisco made it easier to secure them.
Cisco’s Identity Services Engine (ISE) now comes with profiles of more than 200 Xerox printers, high-end production presses and multifunction devices, including our portfolio of 29 new ConnectKey-enabled VersaLink and AltaLink workplace assistants. These webpages will help you understand how Cisco ISE helps network and IT managers assure intrusions won’t happen through their printer fleets.
Common Criteria certification for security
Achieving Common Criteria Certification is not so common. That’s why Xerox is especially proud to receive the industry’s most stringent information security standard certification from National Information Assurance Partnership (NIAP).
With cyber security threats growing in both numbers and complexity, NIAP determined to tighten up its security standard for hardcopy devices. In November 2017, 10 Xerox AltaLink MFPs became the first products to receive Common Criteria certification from NIAP for the new standard.
Xerox-McAfee solutions provide unrivaled security
Xerox print devices have been engineered with security in mind. That’s why Xerox is the only company that embeds whitelisting technology from McAfee, and provides a free extension for ePolicy Orchestrator.
Xerox’s AltaLink, iSeries and WorkCentre EC7836/EC7856 multifunction printers come bundled with McAfee Embedded Control software, so you can rest easy knowing that your MFPs, and any data associated with them, are safe and secure. Key features:
- Whitelisting: Xerox predefines a list of trusted applications and functions that can run on an MFP; nothing else is allowed to execute. This is the most efficient way of blocking malicious attacks and attempts to corrupt the printer’s firmware
- Alerts and audit logs: Any attempt to change applications, or perform a blocked activity, triggers an email alert to the system administrator. What’s more, tracking those attempts is easy.
- McAfee ePolicy Orchestrator (ePO): Using the free ePO extension from Xerox, IT admins can include Xerox printers in their central security management process. McAfee ePO is easy to use, with drag-and-drop dashboards, and lets organizations use their existing IT infrastructures. Adding eligible Xerox devices to the ePO allows administrators to receive automated alerts, view device security events on the ePO dashboard, keep device firmware current, and track up to 60 security settings.
ARVE Error: Mode: lazyload not available (ARVE Pro not active?), switching to normal mode
What motivates cybercriminals?
The obvious answer is money, but cybersecurity company McAfee wanted to know if there is more to it. McAfee researchers examined recent examples of ransomware and the accompanying ransom notes that included email addresses where victims could send their payments or ask questions. The researchers sent emails asking the “actors” if they would answer a few questions.
Initially, the McAfee team received a few replies, but most of the actors did not want to cooperate. No surprise there. But their luck slowly changed over the next few weeks, and the researchers gathered a collection of conversations. Their findings:
- Yes, it’s about the money. Travel, cars, a house, and some were simply paying off debts.
- Almost all said they were willing to negotiate the ransom price, if the victim cannot afford to pay.
- People become ransomers because they believe cybercrime is low-risk with high returns. This is increasingly untrue, because law enforcement agencies have partnerships with academic institutions and cybersecurity companies (like McAfee).
A leader in cloud-based MPS security and workflow automation
Xerox is the only cloud-based managed print services (MPS) provider that has achieved in-process status for the U.S. government’s Federal Risk and Authorization Management Program (FedRAMP) for our MPS offerings. This designation tells decision makers at federal agencies that our solutions can improve the security of their information, cut printing costs and improve transparency.
Xerox is the only company in the document technology space to earn this crucial designation. Xerox Managed Print Services for the U.S.