Thursday, June 3, 2010

Overages

The typical facilities management contract is structured with either a “zero based plan” or a “minimum allowance” for impressions”. A zero-based plan only requires you to pay for impressions made.  With a “minimum allowance”, you are allotted a certain number of impressions per month/quarter and, if you do not meet that minimum, then you are paying for unmade impressions.

One way to avoid this is to structure a “minimum allowance” contract with an underage mechanism and a monthly/quarterly reconciliation process to obtain credit for unmade impressions. In addition, before committing to a “minimum allowance” contract, you should first take good, reliable measurements of your printer and copier usage.

Posted at 10:36 AM Tags: printers and mfds
Thursday, May 27, 2010

MFD Hard Drive Security and Your Firm’s Data Security Policy

Much has been written lately about the issue of the hard drives on discarded multi-functional units and the ability for third parties to retrieve documents after they have been discarded. In light of the recent press, many firms are taking a closer look at their data security policies and procedures. As we have stated in previous blog postings, there is little to be concerned of if you are dealing with a reputable dealer or manufacturer.

That being said, many of our clients have expressed a desire to have a more formal process in place or equip their equipment fleet with the necessary software to cleanse their hard-drives on a regular basis. If this is your firm’s desire, and Mattern & Associates was involved in the negotiation of your equipment or outsourcing contract please contact us and we will make the necessary arrangements to put these procedures in place.

It doesn’t matter how long ago these contracts were negotiated, or if you retained Mattern for Phase III – Monitoring and Maintenance. If we were involved, we will assist you in addressing this issue. 

If you are interested in exploring your options, please contact Brady Schoenrock of Mattern & Associates at bschoenrock@matternassoc.com or 610-459-7750. 

Posted at 10:34 AM Tags: printers and mfds technology tips
Wednesday, May 12, 2010

MFD Hard Drive Security

In the past week, several clients have contacted us in response to our April 30th blog post on MFD hard drive security. This has become a very hot topic, virtually overnight. We decided to survey some equipment vendors and see what their experience has been since CBS News aired an expose piece on April 15th.

Vendors tell us this has been an issue for many years, particularly for companies that handle classified information for the Departments of Defense, Homeland Security and Justice. Technology to adequately address this issue has existed for many years, and DoD contractors have had this technology in place all along. Until the recent CBS piece however, the issue had not been in the forefront for most businesses.

The good news is there is no need to worry. A survey of major MFD vendors revealed that each have several products available to address your concerns:

a) Software that overwrites each image with encrypted code immediately after the scan is captured

b) Software capable of “wiping” the hard drive clean after each copy, print or scan

c) Removable hard drives that become property of the Firm at conclusion of the lease term. The hard drives can then be destroyed by the vendor of your choice (likely the same company you use to destroy computer hard drives)

Of course, the way to insure these procedures are followed is to develop and follow a comprehensive data destruction policy.

Posted at 2:02 PM Tags: printers and mfds tech tips
Friday, April 30, 2010

Your MFD Fleet May Hold a Treasure Trove of Confidential Information for Identity Thieves

Every time you use an MFD to copy, scan, print, fax or email, the hard drive built into the machine saves an image of your job. Once your lease term ends or you trade in for a new fleet, those machines make their way to one of many warehouses across the country, where they are either broken down and recycled or resold.

Here is where the potential problem lies.

If your Firm regularly deals with documents containing personal information, chances are images of those documents still reside on the MFD hard drives. Identity thieves now see the used copier market as a prime hunting ground for valuable information. A copier purchased for $200 can yield thousands of records containing personal information such as social security numbers, medical information or financial account numbers.

Some government entities have reacted quickly to this threat. The Commonwealth of Massachusetts recently enacted MGL c. 93H; 201 CMR 17, a law written to protect the personal information of residents of the Commonwealth. The law contains provisions for the protection of personal data that is stored or transmitted over computer networks – that includes transmitting a print request over your network to a printer or MFD. Add to this the aforementioned MFD hard drive implications, and suddenly we have a potentially serious issue for any entity storing or working with the personal data of any resident of the Commonwealth.

Certainly, if you are operating a law firm or business in a state such as Massachusetts that has legislation enforcing data protection, you need to be especially aware of where your (and your clients’) data is being stored and whose hands it falls into after your machines leave your building.  In any case, lawyers have a duty to protect their clients’ information in every state, so this is not a time to put your head in the sand and hope for the best.

Ask your MFD suppliers to explain how the hard drive from your previous machine will be removed, and either delivered to you or destroyed effectively to protect your Firm’s confidential information.  Protect yourself, protect your clients, and make sure that you are in control of your Firm’s own data.

Posted at 11:14 AM Tags: technology tips printers and mfds
Wednesday, April 28, 2010

The Hard Facts…On your copier’s hard drive!

Much has been recently written and blogged about documents that may remain on your copier’s MFD (Multi-functional Device) hard drive when you replace it.  In the past week, Sharon Nelson’s Ride the Lightning blog (http://ridethelightning.senseient.com/) has covered several angles on the story of the Buffalo Police department learning the hard way that data was actually stored on their copier machine, confidential criminal records, actually.  When the Buffalo PD put the copiers up for sale, the data was discovered and resulted in a security breach.

It is true there may be documents remaining on the hard drive if your MFD does not have a security feature installed to delete files daily (cost for this is about $200). Most companies that service your units properly will erase all data (facsimile numbers, email addresses, etc.) when the units are uninstalled, but it’s a good idea to make sure they actually follow through on that.  

If you need written documentation, or if your service company doesn’t do it (it should be written into your service agreement), then they will charge you approximately $200 to come out and do it on demand. Also when your unit is refurbished for resale the hard drive is generally re-formatted or replaced by a reputable dealer.       

The bottom line is that your Firm’s MFDs hard drive should be treated just like that of your laptops and PCs’ hard drives. Make sure you have a procedure in place to address security for it, so you don’t end up with a Buffalo shuffle on your hands.

Posted at 11:04 AM Tags: technology tips printers and mfds