New Jersey lawmakers want copier hard drives wiped to prevent ID theft

Is printing dangerous? It definitely has privacy and security implications, according to many.

The New Jersey legislature, for instance, this week passed a bill (A-1238) that says copy machines and scanners should have
their hard drives erased or otherwise modified to make sure records stored digitally on them are no longer viewable after
the owner gets rid of the machines. That’s according to the Courier Post Online, which says the bill’s sponsors, New Jersey legislators Paul Moriarty, Herb Conaway and Dan Benson, view this as a way to
prevent identity theft when digital copiers and scanners are sold on to others.

RELATED: Do we need data-loss prevention for printers and copiers?

The penalty for not doing that in the way demanded under the bill could run as high as $2,500, and while some might view this
as legislative overkill, the concept that printing on digital machines can have privacy and security implications has been
long understood by industry experts.

HP, for example, says enterprises are putting in security controls for modern printers used in business to put the brakes
on data loss and paper waste by individuals who remotely run print jobs but later forget all about them. This apparently happens
a lot.

HP consultant for financial services Roger Lang says the technique known as “secure pull” keeps track of print jobs by requiring users to authenticate with a proximity ID card right at the printer in order to receive
the print jobs they ordered. Otherwise these jobs are simply digitally stored and not printed out. Jet Mobile and Pharos Systems
are among other vendors offering such secure printing capabilities.

According to Lang, citing a Carnegie-Mellon University study, cleaning crews at night are estimated to throw away somewhere
between 15% to 30% of the paper pushed out by printers during the day.

Setting up a centralized server-based system for secure printing in business accomplishes a number of goals, Lang points out. One is that it allows for the
internal storage on the printer digitally holding the non-authenticated printing jobs to be automatically purged at a specific
time, such as midnight.

Lang also points out that “print governance” via proximity cards can be linked to business processes to keep track of what
people are doing with printers, which today have multiple scanning capabilities.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends
related to information security.

Read more about security in Network World’s Security section.

Leave a Reply

Your email address will not be published. Required fields are marked *