Ke zpracování Vaší žádosti potřebujeme zpracovat Vaše osobní údaje. Odesláním souhlasíte s naším Prohlášením o ochraně soukromí.
 

2025 and beyond PART 3: Security

Andrij Stecko
Research Coordinator

YSoft SafeQ
In this third part of our series reviewing the Quocirca Global Print 2025 research, we look at security that, according to the research results, has become a top priority for organizations, and how YSoft SafeQ support organizations to address their security concerns.
 

Security as a differentiator

The Quocirca report shows just how critical security has become within the bussiness environment. Key findings within the report show that 84% of organizations place security as the most important priority between now and 2025, and that for 58% of organizations, security expertise will be the leading supplier selection criteria in 2025 with 43% expecting investment in this area.

And this is not a big surprise taking into account another finding from Quocirca. In the Quocirca’s Print2025 Report, 60% of the organizations surveyed stated that they have experienced at least one data breach as a result of unsecured printing. The impact of such a security breach to an organization can have far reaching consequences, both in terms of cost, and reputation. For example, the European General Data Protection Regulation (GDPR), which relates to the use and protection of the data of individuals, carries a significant penalty up to €20m or 4% of a business’s global turnover, whichever is greater.
 
Security is an area of concern which needs addressing now and not in the future. With the evolution of both internal and external security threats, a holistic approach to print security is essential. Security is no longer an optional add-on, but a central element of a high-quality print management and document capture solution.
 
There are a number of ways described below in which Y Soft and YSoft SafeQ is already supporting organizations to address their security concerns.

Existing YSoft SafeQ security features

Secure pull-printing – Unauthorized access to documents printed and left in the print tray of an MFD creates the potential for a security breach within an organization. Secure pull-printing mitigates this risk because the MFD will remain locked until an employee is authenticated. This authentication process helps to eliminate printed documents left in the print tray since print jobs are not processed unless the user has been authenticated at the MFD and can pick up the documents immediately.
 
Usage reporting and tracking – Internal attacks are an increasing risk for organizations. In order to identify unusual usage, organizations need to be able to monitor and identify what is being copied, scanned and printed, when and where, by whom and on which devices. The YSoft SafeQ Reporting module provides access and usage data for auditing and reporting purposes.
 
Security of communication YSoft SafeQ consists of a number of software modules that can be deployed in different locations within an organization that also communicate with each other. Potentially sensitive information (including personal identifiable information) can be sent over these communication paths. Hence, we regularly review the state of the communication paths, keep a record of these states and continuously improve their security.
 

Secure software development for new YSoft SafeQ features

Not only security features (e.g., secure pull-printing) need to be secure. Other features that pose a security risk have to be secure too. In order to achieve that, a Y Soft dedicated product security team has introduced security-related activities that are part of YSoft SafeQ’s development process. These activities include, but are not limited to, threat modeling, static code analysis, code review and security trainings. Each are described below.
 
Threat modeling – During the design phase, the product security team, together with YSoft SafeQ engineers, perform threat modeling on selected new YSoft SafeQ features. The threat modeling is a structured brainstorming with an aim to identify and mitigate security risks in the design before the engineers start with the implementation.
 
Static source code analysis Every night, automatic checks are run on relevant parts of YSoft SafeQ to detect potential security issues (e.g., SQL injection, XSS, Path traversal) both in the implementation and 3rd party libraries. The feedback, with proper context, is provided to engineers in a timely manner and the relevant issues are then addressed before the new features are released to customers.
 
Security trainings for engineers – Security trainings are considered to be a foundation for secure software development. This activity also takes place in Y Soft R&D regularly. The Y Soft product security team prepares and delivers trainings on security basics to keep engineers aware, and constantly extends the range of trainings. Also, engineers receive security-related consultations on a regular basis.
 

Get ready for 2025

 Y Soft has proactively and innovatively anticipated the need for security as outlined in the Quocirca report. With print and scan security becoming a central element of overall security strategies, Y Soft is ready to support organizations on their journey towards digital transformation, meeting their evolving security requirements.

Download a free copy of the a YSoft executive summary of the Quocirca Print 2025 report to learn more. The full Quocirca report can be purchased at www.print2025.com.
 
This is part 3 of a seven-part series exploring the Digital Transformation technologies identified by enterprise organizations in the Global Print 2025 report by Quocirca. Read parts 1 and 2 by clicking on the links below.

Part I – Private, public or hybrid cloud
Part II – Mobile


Download as a PDF
Andrij Stecko

Andrij Stecko

Andriy drives selected applied research activities in Y Soft's academic collaborations and secure software development initiatives in Y Soft's R&D teams. View all posts by Andrij Stecko
Do you want to work with us? Contact us
 
Ke zpracování Vaší žádosti potřebujeme zpracovat Vaše osobní údaje. Odesláním souhlasíte s naším Prohlášením o ochraně soukromí.
 

US