Think your scanned images are safe? Think again!
Two-thirds of companies say the potential impact of a data leak would be high. 13% of companies say the potential impact of a data leak would be disastrous. That’s not so hard to believe when you consider what that stake from a reputational and financial standpoint. In fact, a lot of folks focus on the financial piece of this. According to studies, the average cost of a single data leak is $7.2 million. When you think about what Target went through with their breach, $7.2 million seems like table stakes.
These costs are only going to go up. Increased regulations, standards, and rules are raising the stakes. They’re raising the potential cost and penalties that you could suffer if your data is lost, or you have a compliance violation. Two-thirds of organizations see that ensuring the privacy of customer data is essential. Well, that’s good news. Two-thirds of organizations also see that compliance with industry and government regulations is also essential. This is a big driver behind a lot of data capture system purchases.
In fact, 30% of organizations say that compliance and security considerations are the most significant business driver of document and record management projects. That’s staggering; most assume it’s cost efficiency and productivity.
PCI (payment card industry) compliance is going to take more and more of the headlines as corporate America continues to push harder and harder away from paper-based checks and toward electronic transactions. We’re going to find that while many organizations knew how to safeguard check information, they really don’t understand how to do the same in an electronic world, where it’s easier for folks to intercept that information. That’s just the tip of the iceberg. There are 13,982 other regulations that are impacting businesses, all of them with their own cost and their own risk. Every day, there are people in Washington DC dreaming up more regulations about how to manage your data.
You’ve undoubtedly put in permissions and access controls, and you’ve implemented antivirus and malware tools. You’ve probably regulated the passwords your staff uses, so they can’t use their birth dates or 123456 anymore. You’ve implemented perimeter security so that folks can’t walk in and out of your front and back doors and literally take your information with them.
Despite all these investments you’re making at the macro level, despite all the efforts that your IT department is doing on your behalf, there’s a gap in your information security systems, and it is in the unlikeliest of places — your document scanning and data capture systems. Your information on-ramp is leaving you vulnerable to the bad guys.
A typical document imaging system is creating four major vulnerabilities that substantially increase the potential for data theft and violations of information management regulations. The four risks of antiquated scanning systems are:
- Not encrypting the data while it’s in motion.
- Unsecured log files.
- Poor visibility into operator activities.
- Poor security management.