Hi. Welcome to Ingram Micro.

Please choose your role, so we can direct you to what you’re looking for.

If you’d like to learn more about Ingram Micro global initiatives and operations, visit ingrammicro.com.

7 Document Imaging Security Concerns and How to Address Them

February 17, 2017

A document imaging system is typically installed in order to improve a process that has historically been handled primarily with paper documents. There is typically a certain level of comfort related to the security of a paper process that has been in place for several years. Converting paper files to electronic images may raise some security concerns among your customers—especially in the wake of recent high-profile electronic data hacks involving organizations like Sony, the IRS, and several large retailers.

Following are seven typical security concerns that your customers may have about document imaging and some ideas on how to address them:

  1. Are my images safe? This depends on quite a few variables. Once they are captured and stored on a server, images are as safe as any other data on your servers. Like other data, they can be protected with passwords and other types of access control, including encryption. As far as safety related to system failures, as with most data, document imaging systems are typically backed up. An off-site back-up is preferable to protect against natural disasters.

  1. Can images and data be stolen during a scanning process? Yes, if you do not guard against it. Encryption of images in transit from a scanning station to a server is one way to secure them. Also, settings can be implemented that ensure that after an image leaves a scanning station, like an MFP, a PC attached to a scanner, or even a mobile device, it will be automatically deleted.

  1. But what about the scanning operators and data entry personnel? Can’t they steal information from images? It all depends on how secure your set-up is. In a truly secure environment, all paper entering a scanning facility can be logged and accounted for during pre-scan and post-scan audits. PCs and MFPs where scanning is done can be locked down and enabled to only scan to specific destinations. Finally, if remote key entry is being utilized, snippets (or pieces) of document images can be sent to keyers so that they never see a full field of potentially valuable data like a credit card or Social Security number.

  1. Do imaging systems comply with regulations like HIPAA and Dodd-Frank? Once again, it depends on how they are set up. Many document imaging and electronic content management systems have all the access control and audit capabilities needed to comply with most regulations. However, it typically takes someone with expertise (a great opportunity for a reseller) to configure them in a way so that they comply. Imaging systems have been used across many industries and countries in order to meet government-mandated compliance regulations.

  1. Can redaction be done on document images? Yes, but it’s important to ensure that the tools being used eliminate the information that needs to be redacted—not just cover it up with a marking that can be removed by someone with the right tools.

  1. Is a cloud document imaging system safe? Recent numbers have shown that less than five percent of current ECM implementations are in the cloud, and many people are still nervous about storing important documents on shared servers. The bottom line, however, is that security is a major priority for organizations that offer hosted applications. Because they are serving multiple customers, the economies of scale that they can bring to building and enforcing security policies is much greater than most organizations (especially mid-size to smaller ones) can bring to their own security efforts. The result is that most cloud applications are probably more secure than anything users can enforce in-house. For those that are still skeptical, there are often private cloud options that advertise the best of both worlds for a slight premium.

  2. Is using document imaging safer than sticking with paper documents? The answer is probably yes. The amount of control and accountability around a document image is much greater than it is around a piece of paper, which is much easier to make disappear without a trace.

Conclusion

Document imaging is a mature technology that has been applied in multiple secure environments over the years. Configuring it to meet the security levels required by your customers—either for compliance or just so that they feel comfortable with it—is a great value-add opportunity for value-added resellers. There are plenty of tools available in order to help you accomplish this. Combined with inside knowledge of your customers’ business and/or industry, properly addressing document imaging security concerns could prove a boon to your business.