News

Printers have been warned by the information commissioner not to take data security lightly

Martin Ruda, managing director, Tall Group
There are some well-established and rigorous standards, which apply to the management of data. Typical of these is ISO 27001, a data-management and information security standard, which is a minimum requrement for security printers within the APACS-accredited printer programme and provides a very rigid framework for secure management of data. So there are formal international standards in place and once they have the relevant provisions up and running, printers are free to apply for accreditation to a standard such as that. I suspect not all printers do so.

John MacDonald, general manager,
CGI Digital
You have to take data security very seriously if you want to win business, because this is a very serious and competitive industry. We have picked up lots of new clients recently and they always want site visits and are very thorough in checking out our facilities. You have to have the latest technology. For instance, we have installed CCTV cameras on site. The ability to turn work around within a day is crucial. You also have to make sure that you have a licensed carrier for secure waste, to ensure you get certification proving it has been disposed of correctly.

Mike Taylor, chief executive, CPI UK
Security is taken very seriously at CPI. We recently produced a book for Madonna and it was essential that nothing leaked to the press prior to publication. We hired extra security at the plant, embargoed all waste from the product and briefed all of our staff on the matter. The operation was successful and nothing leaked. I know there was an incident before the launch of the last Harry Potter book at another printer when details did leak. However, my impression of the industry, in particular financial and city printers, is that they take security extremely seriously. It’s hugely embarrassing for a company when data loss occurs and loss of reputation can be very costly to a company.

Chris Parkinson, group compliance director, Lateral Group
Businesses may treat data differently in different areas of the operation. For example, one part of a mailing house, where data is available on disk or printed out for proofing, will often not be completely secure, while another part, which deals with financial information, will have all the necessary checks and measures in place. People often don’t realise that the same level of security needs to be administered to data whether it is on a disk, printed out or whatever. There is a need to dot the ‘I’s and cross the ‘T’s and ensure staff are trained to prevent security breaches occurring.