Guest Editorial by Katsuhiro “Jerry” Matsufuji, Vice President and General Manager of Canon U.S.A.

Now about two years into the COVID-19 pandemic, organizations continue to embrace a hybrid or virtual workplace even as many have the option to return to their offices.

With hybrid work seemingly here to stay, it’s essential for organizational leaders and security professionals to invest in solutions and policies that look to protect important workplace information technology and data.

Below are a few ways – from device security features to cloud software safeguarding – that local, state, and federal organizations and agencies can better adapt to the hybrid office while providing tools and protocols to help protect information.

Utilize Cloud Solutions for Better Productivity with Built-In Security Features

A seeming proliferation of mature cloud-based software and services has made the switch to the hybrid workplace easier while enabling better collaboration in both office and remote settings.

IT decision-makers have learned that pairing the right devices and solutions can help better enable hybrid productivity – and continue to innovate the way we work.

One area to consider is email, and scan-to-email, security.

A cloud-based software service like mxHero can capture email attachments and store this content in separate cloud content management software while also adding a secure link to enforce governance and control on accessing data and content.

This type of solution can help provide another layer of security for email communications.

This functionality can also be added to compatible Canon multifunction printers for scan-to-email attachments.

(See how the mxHero Secure Scan to Email device license brings the power of mxHero’s Mail2Cloud platform to your multifunction printers by replacing scan-to-email attachments with a cloud storage link. This solution, available with Canon imageRUNNER ADVANCE or imageCLASS devices, provides an additional layer of email security—whether your workforce is working in the office or at home. Courtesy of Canon USA and YouTube.)

Government IT departments and agencies should consider various security-focused solutions that have been authorized by the Federal Risk and Authorization Management Program (FedRAMP).

FedRAMP provides a standardized government-wide approach to security assessment, authorization, and continuous monitoring of cloud products and services.

Once a service is FedRAMP authorized, federal agencies can reuse the authorization for their organization, easily understand the levels of security included in the solution, and have a cloud-based deployment model.

The program’s “do once, use many” framework provides tremendous value and cost savings.

Output and device management systems such as the FedRAMP-authorized Canon Office Cloud are another area to consider.

Both the uniFLOW Online and Netaphor SiteAudit components of Canon Office Cloud can help employees stay connected and maintain access to critical business information while implementing sophisticated security and control features.

By implementing cloud-based print tracking and device status monitoring solution that works for both office and remote locations, organizations can gain the performance and cost insights to help monitor their print infrastructure.

(Since launching in 2016, uniFLOW Online has been enriched with a multitude of features to provide a comprehensive solution for the evolving needs of our customers. Continuous development has made it a preferred cloud print and scan management solution for thousands of customers worldwide. Courtesy of Canon USA and YouTube.)

FedRAMP-authorized cloud service providers are required to file annual independent audit reports with sponsor agencies (or the Joint Authorization Board) to document that they are adhering to the program’s rules and standards.

In addition, Cloud Service Providers are required to conduct monthly continuous monitoring sessions, disclose any findings, and review milestones and action plans to address any issues, with pre-defined timelines based on issue severity.

FedRAMP-authorized systems can help agencies reduce paperwork for compliance documentation, as well as access logs, security scans, intrusion detection, and prevention system (IDS/IPS) logs, and physical and logical access controls, all of which are updated regularly.

FedRAMP gives government IT managers planning cloud migrations a streamlined approach to compliance.

(See a brief introduction to FedRAMP, which was established to provide a cost-effective, risk-based approach for the adoption and use of cloud services by the federal government. The program creates a partnership between the federal government and industry to modernize IT infrastructure while protecting federal information. Courtesy of FedRAMP and YouTube.)

Be Careful about “BYOD” Policies and Guidelines

In a hybrid work environment where some employees may be “on-the-go,” it’s not uncommon for workers to sync up their professional email accounts to their personal devices, especially mobile devices.

It can be an effective way for people to stay connected while they are in the field or after-hours.

In theory, this is a plus for any organization; engaged employees can access email and documents even when they aren’t in the office and print to their home printers or a local print shop.

However, with potentially lackluster security protocols, employees may lose sight of properly securing their own devices, or unknowingly share classified information on public devices.

Company-issued devices can provide the right security guardrails and approved applications.

While it may not always be feasible for organizations to issue everyone a mobile phone, managers can help support their organizations by encouraging and making thoughtful decisions about communicating how and when employees should use company devices, along with setting appropriate policies on when to use personal devices.

For example, as printing is an essential tool in almost every work environment, organizations should help establish protocols around in-office vs. at-home printing – and company printers should have security solutions that can help facilitate a secure hybrid workplace.

Fortunately, advancements in printer technology include built-in and optional security features.

Some devices include elements such as:

• Security settings that can be captured and exported to other printers on the same network or VPN.

• Automated and remote control access to printer and scanner devices for authorized personnel, along with set rules and protocols to help with protection.

• Verification processes that add checkpoints when a printer is booted up can create a process to help confirm that the firmware, and applications, are free from unauthorized modifications.

(Learn More. As a leader in advanced digital imaging, Canon offers a comprehensive line-up of award-winning office imaging solutions and services. Courtesy of Canon U.S.A. and YouTube.)

Consider New Mandates and Re-evaluate Authentication Processes

New cybersecurity policies and executive orders are emerging as work infrastructure continues to evolve and organizations pivot measures to help protect their organizational data.

Government and federal IT departments today have largely adopted Multi-Factor Authentication (MFA) processes, such as the DoD’s Common Access Card (CAC) and Personal Identity Verification (PIV), but not all systems can accommodate these controls.

It can be beneficial to explore new trends and tap a variety of authentication techniques that could be applied across a wide range of applications in government.

To guide any application exploratory phase, consider prioritizing systems according to mission-criticality and sensitivity, and seek to prioritize MFA for systems deemed most critical and then work down from there.

Looking Ahead: Keep Security Top of Mind

A government IT department or agency’s security plan can act as a resource and living document. It can be updated on a regular basis, depending on potential threats coming up on the horizon.

It can include the basics of your approach, as well as practices, including guidelines on how to advise when to use personal devices and how to protect them (such as up-to-date operating systems, browsers, firewalls), utilizing multi-factor authentication (not just strong passwords, but secondary methods of authentication and information on new mandates), and data protection (including how to handle customer or other protected information).

Regardless of an organization’s strategies or plans, one potential trend is emerging across professions: new ways of hybrid working may continue to bring new and disruptive challenges.

As a result, government IT departments should familiarize themselves with the latest security mandates, solutions, trends, and tips so they can choose the right solutions to meet the needs of tomorrow.

About the Author

Katsuhiro “Jerry” Matsufuji is vice president and general manager for the Business Information Communications Group of Canon U.S.A., Inc.

In his role, Matsufuji helps enterprises leverage the solutions and technology needed to thrive in today’s competitive business climate.

Over the course of his 33-year career working at Canon, Matsufuji has worked at offices both inside and outside of the U.S. showcasing the strength of his leadership.

Canon U.S.A. is a leading provider of consumer, business-to-business, and industrial digital imaging solutions to the United States and to Latin America, and the Caribbean markets.

With approximately $30.4 billion in global revenue, its parent company, Canon Inc., ranks third overall in U.S. patents granted in 2020† and is one of Fortune Magazine’s World’s Most Admired Companies in 2020. Canon U.S.A. is dedicated to its Kyosei philosophy of social and environmental responsibility.

Canon U.S.A. Named a Multi-Award Winner in 2021 ‘ASTORS’ Awards Program

American Security Today’s Annual ‘ASTORS’ Awards is the preeminent U.S. Homeland Security Awards Program, and now in its Sixth Year, continues to recognize industry leaders of Physical and Border Security, Cybersecurity, Emergency Preparedness – Management and Response, Law Enforcement, First Responders, as well as federal, state and municipal government agencies in the acknowledgment of their outstanding efforts to Keep our Nation Secure.

Canon U.S.A. (First of Two)

Best Email Security Solution

• mxHero + Canon MFP

• A cloud service for intelligent email management, mxHero™, can integrate onto a Canon multifunction printer (MFP) to help customers safely collaborate, govern, manage and share information.

• By leveraging powerful storage platforms like Box (purchased separately), it can help create a cost-effective solution superior to single-purpose, document/email management products by replacing inbound and outbound email attachments with secure file links.

• This solution is made to be compatible with most devices, helps to minimize end user effort, provides security measures to help control access to attachments (even when outside of the company) and can help screen malicious content.

• Especially in today’s environment where solutions designed to help team’s collaborate while working in multiple places is important, services such as mxHero™ can help companies implement security features, govern and manage attachments while people aren’t able to physically connect face-to-face.

 

Canon U.S.A. (Second of Two)

Best IT Access Control & Authentication System

• imageRUNNER ADVANCE DX Series + uniFLOW Online + Print via Cloud

• The latest edition of the imageRUNNER ADVANCE platform, the imageRUNNER ADVANCE DX series with uniFLOW Online, is designed to help prepare its customers for the future of work through its simple, flexible design, advanced scanning, strong security, enhanced cloud features and user-friendly enhancements, like soft number keys similar to a smartphone or tablet.

• The uniFLOW/uniFLOW Online platform is an end-to-end device management solution that can help improve the control and efficiency of imageRUNNER ADVANCE and other compatible multifunction print solutions through its security features.

• The platform provides business employees the ability to control and monitor access to sensitive information with its enhanced authentication and user tracking features.

• To help limit unauthorized use of devices and keep valuable and confident information safe, uniFLOW requires users to identify themselves at the solution, and its Secure Print functionality allows users to send sensitive documents to compatible network printers from desktops and compatible mobile devices.

• When using this function, regardless of how users submit a print job, documents only print when the user is physically standing at the device and authenticates.

• Through uniFLOW Online’s ability to store print jobs and release them only when users are in front of the supported Canon print device, solutions such as this help to limit document contamination, which is especially important in our current environment where mitigating contact between individuals is vital.

(Having the needs of the end-user in mind, we started to create a brand-new device user interface (UI) for uniFLOW Online. With a modern look and feel, uniFLOW Online focuses primarily on the login process on Canon imageRUNNER ADVANCE DX devices. It introduces the possibility of adapting the UI to suit customers’ own corporate identity. Subsequent development will expand the optimized user experience to secure printing and scanning functionalities. Courtesy of uniFLOW and YouTube.)

• *Canon U.S.A. was also recognized with Multi-Award Wins in the 2020, 2019, 2018 and 2017 ‘ASTORS’  Awards Programs.

• Additionally, Axis Communications, a Canon Company has been recognized in the 2020, 2019, 2018 and 2017 ‘ASTORS’ Awards Programs respectively.