SSCIP Members can protect sensitive and confidential data by including copiers in their information security plan. Follow these tips to safeguard information:
1. Educate yourself and your employees about copier risks. Be aware of the information stored on the device and the risk if that data is stolen or the device is lost. Limit storage of sensitive data on such devices.
2. Assign responsibility. Make sure copiers are managed and maintained by your organization's IT or information security team. Employees who secure company computers and servers should also secure the data contained in the copiers.
3. Research and use your copier's security features or purchase extra security capabilities. Most newer models offer disk override or disk erase features that ensure each new document copy overrides the previous one; additionally, many copiers are equipped with data encryption capabilities.
4. Secure data before returning or disposing of your municipality's copiers. Review your options for securing the hard drive or internal memory with the copier manufacturer, dealer or servicing company. Some companies may handle data disposal for you. If returning to a leasing company, use easily available software to sanitize or "wipe clean" the hard drive and document the sanitization process.
5. Consider compliance responsibilities. Your organization may be required to follow specific compliance obligations depending on the information it stores, transits and receives. Make sure you're aware of state, federal and international requirements.
For more information regarding copier data security, contact SSCIP's Loss Control department at (602) 996-8810 or visit https://southwestrisk.breachresponse.com/