Even though the Corona pandemic has further accelerated digitization: paper documents still play an important role and contain personal data. Therefore, don’t forget paper when it comes to protective measures. Especially in the home office, this could easily happen.

The digital office remains the future

People have been talking about the digital office for a long time: Everything will be digitized, file folders will disappear. But even today, this idea is still pie in the sky. So far, only 48 percent of companies are using solutions to digitize documents, as reported by the digital association Bitkom. As a result, there are still many paper documents that contain personal data and therefore need to be protected. Yet paper documents are not just kept in locked filing cabinets.

Confidential documents commute between the office and home office

Many paper documents are also used and stored outside the office and company building. Home office activity and mobile working on the move have exacerbated this. Where so-called hybrid work as a mixture of office and home office becomes part of everyday business life in the future, this will also have consequences for paper documents. Employees then transport files and other documents in paper form between the various work locations. For example, someone may print out a current customer transaction in the home office and then take it back to the office later to file the document in the appropriate folder. During this transport, however, the document could be lost or even stolen.

Printers are a multiple target

But printing itself in the home office also harbors risks. Many printers are now integrated into the WLAN in the home office. Some can even be accessed directly via the Internet, so that you can print something on the road that is then waiting in the home office. Cyber attacks have networked printers in their sights. There are recent examples of cyber criminals actively exploiting vulnerabilities associated with printers. In this regard, printers offer multiple targets for attack: Attackers could eavesdrop on unprotected print connections, read unprotected data storage in the printer, deposit malware there, and use the inadequately protected printer as a clandestine access point to the end device and the network.

More data protection for documents and printers

When it comes to digital transformation, therefore, think not only about digital data protection, but also about paper documents and the printers that output documents in paper form. Otherwise, documents and printers could become a data leak – whether during unsafe storage, unprotected transport or incorrect disposal via normal paper waste. Adequate safeguards must also be available in the home office and on the road, such as a paper shredder that meets the protection needs of the documents being disposed of. Last but not least, remember that the home office desk is not a secure place to store files. A home office desk can have a lot more „foot traffic“ than many an office.

Do you have a handle on your paper documents? Take the test!

Question: Data protection only applies to files, not paper documents. Is that true?

  1. no, paper documents can also contain personal data that needs to be protected.
  2. yes, because data protection only applies to the automated processing of personal data.

Solution: Answer 1. is correct. The General Data Protection Regulation (GDPR) applies to the wholly or partially automated processing of personal data, but also to the non-automated processing of personal data stored or to be stored in a file system. The GDPR defines a file system as any structured collection of personal data that can be accessed according to certain criteria, including, for example, printed customer lists in a file folder.

Question: Printers in the home office cannot be accessed via the Internet. Is this true?

  1. yes, if the door to the home office is locked, no one can access the printer.
  2. no, printers could be accessible to attackers via WLAN and partly via the open Internet.

Solution: Answer 2 is correct. Most printers in home offices are now connected via WLAN. Vulnerabilities in the WLAN could give third parties access to the printer and the print data stored on it. In addition, many printer models offer a direct connection to the Internet and have their own e-mail address. This makes it possible to print to them via the Internet while on the move. However, this also makes cyberattacks on these printers possible. The data stored on the printer’s hard drive could be compromised in this way, as could the data that is temporarily transmitted to the printer for a printout.