Make print security second nature
Strong document security needs a strong security culture. Preventing data loss starts with your people. So while we’re the first to say that our print management software can help secure your printed documents, we’ll openly acknowledge that document security remains first and foremost a people problem.
Technology won’t fix a people problem but it can be used to help. As a print management company, we’ve seen many organizations around the world use our software together with cultural change to achieve big security wins. On this page we’re sharing some tips on how to achieve print security success.
How to build a strong document security culture
For most companies, the path to a strong security culture is taking incremental steps that make a difference to the daily work-life of staff. Security-related solutions can help here. Combining security-related solutions with cultural change is the secret to success.
For example, a simple task like having to sign into a printer could cause a user concern if they don’t understand the benefit of it. But if they understand the environmental benefits such as saving paper, toner, and power, you have a much more compelling case for cultural change that people will buy into.
Five tips for building a strong document security culture
Here are five recommendations for how to build a strong document security culture in your organization:
||Document security is everyone’s responsibility
||It’s tempting to assign network/printing security responsibility to an expert — usually someone sitting in IT — and hope the job will be done. Wishful thinking! A successful cultural change has to involve more than just the overworked IT staff, and in particular it must include people that create and consume documents (all of us!).
- Ask the folks at the top to help convey the importance of security to your organization.
- Use staff from across your organization to regularly reinforce this message.
- Fix the weakest links in your chain — tackle the parts where document security is weakest or the biggest risk.
||Give users information to build understanding and ownership
||You want your users to be informed so they can build understanding and take ownership of their printing habits.Imagine if your users really knew how many documents are printed each week. Holy cow! Give people the info they need to understand the risks.
||Recognise people who do the right thing
||It’s the number one way to encourage a change in behavior — it’s so important to reward good behaviors.
- Offer a reward or bounty for people who catch a security issue.
- Reward and recognize small steps in the right direction.
- Celebrate milestones as an organization, for example, with PaperCut you can measure the number of jobs securely released. Celebrate when you achieve 100% of jobs securely released.
||Unity is strength — avoid the single weak link
||Don’t weaken your security effort by compartmentalizing by department. Security is as strong as the weakest link, so a unified approach is important. Document security should not be separate from general or IT security.
- The popular vectors of attack will change. One month you might be subject to phishing email attacks. Another month, lost physical documents may be the weakness.
- Talk about document security alongside building and personal security. This will help instill the message that security in all its forms is owned by everyone.
||Make document security fun
||Are you serious? Well security is serious, but it needn’t be totally serious. A boring presentation is unlikely to be engaging or effective. Even with a topic like security, there are ways to make things fun:
- Gamify the security message. Who’s up for security trivia?
- Give some real life examples. Perhaps even share a miss-step of your own to make a point.
- Combine security with a positive message. A well-tested example with printing is to combine secure print release with a print wastage environmental message. You get a win on both fronts.
Real world examples
There are hundreds of tips about print control, so we've taken the best practices from key industries and put them here for you:
An international language school had a minor document security scare. A staff member had printed out student emergency contact information for an upcoming excursion (off-site trip). This was usual practice. The documents were unfortunately accidently left on a desk in a public area, and this exposed all students' personal identifying information. The school used this event to indicate there needed to be some culture change.
Alongside a general awareness campaign, they used PaperCut MF to watermark the staff and student's name on everything they printed. The students didn't mind because, as a school, there was already a strong culture of students putting their names on everything. Yes, having it automatically apply to staff documents was a new, but still it was a familiar concept. Seeing their name appear on every printed page made a big difference in making document security more personal and owned, and helped reinforce the culture change message.
A disability services organization with seventeen locations kicked off a change management program for information security by tackling print as an easy first step. They built momentum with something most staff could easily relate to — implementing [secure print release](https://www.papercut.com/discover/print-security/secure-print-release/) using staff's existing door access cards. A number of security-win stories were shared via the all staff newsletter, and the milestone of 100% of jobs being printed via secure print release was celebrated. This small but successful project around good print security laid the foundation for a series of other projects aimed at improving the information security culture.
When a major supermarket chain started rolling out [secure print release](https://www.papercut.com/discover/print-security/secure-print-release/) and document security features as part of a company-wide program, the user response was grumpily negative. People saw the 'extra steps' around printing as an annoyance and head office poking their nose in again.
In a stroke of change management genius, print security was repositioned as a compelling environmental story, by highlighting how much paper waste was being saved by unreleased print jobs. In their case, almost 14% of printing was uncollected. After this repositioning of the iniative, almost overnight the user sentiment became positive. The story of reducing waste was shared not only to staff but also mentioned in a shareholder's report summarizing wins for the year.
Government / Local Council
A provincial treasury department wanted to encourage more responsible printing behavior, and found an easy way to do it with PaperCut MF. They enabled silent tracking and reporting of print activity, and started making the information available to teams with regular email reports.
This simple combination of awareness and visibility saw print volumes and paper waste decline. In addition, having this information available in the IT team helped make the value of document security clearer than ever. As the next challenge, the department is in the process of rolling out [Find-Me printing and Secure Print Release](https://www.papercut.com/discover/print-security/secure-print-release/). This change has been made easy now there is already awareness and knowledge about printing in the teams.
Want to know more…?
If you want to dive deeper into the topic of print security, our Security Whitepaper is a great place to start.
To learn how PaperCut print management software can help you along your security journey, check out these links: