5 Security Vulnerabilities You May Have Missed
Why should you get rid of your old capture solution?
5 Security Vulnerabilities You May Have Missed
By Mark Brousseau
This Tip Sheet is based on a presentation by industry analyst Mark Brousseau on a January 18 AIIM webinar. Mark Brousseau is a noted marketer, analyst, speaker and writer with more than twenty years of experience advising leading providers of payments and document automation solutions. He is President of Brousseau and Associates, a full service marketing PR and business development firm specializing in the payments and document automation arenas. You can view the original webinar HERE.
49% of organizations believe that unauthorized access by internal staff poses the biggest risk to your data. So many of you are looking for ways to lock down the control of your information through permissions, access controls, hierarchal access roles, and rules-based access. You’re implementing anti-virus and malware tools. You’re putting in strong passwords. Every 30 days I have to change my password. I can’t write it down on my desk calendar, can you believe it?! You’ve also implemented perimeter security. Who is it that can get at servers? Who is it that can get at our information? All of this is helping, but most organizations have an Achilles heel.
Most organizations have antiquated document scanning and capture systems that are creating five key vulnerabilities. These are the types of vulnerabilities that lead to huge compliance violations and those scary data breaches.
Multiple ingestion processes.
Most organizations have multiple delivery channels through which documents enter your organization and you likely have not have normalized processes for safeguarding that information. Fragmented systems introduce opportunities for crooks to get at your information.
Encryption (or rather lack there-of).
Many antiquated scanning and capture systems have no encryption at all. Forget about in-transit, forget about at-rest, there’s no encryption at all! Are you encrypting the information that you’re scanning and capturing? You might say, “Well, goodness. Who would want this information?” But think about what it is that’s on those documents that you’re scanning. You probably have client information, you have financial information, maybe there’s HIPAA protected information. You must encrypt that information.