When digital devices are connected to a network, there should be assurance that system resources and data are protected from disruptive forces inside and outside the organization. This assurance enables IT managers to embrace products that would otherwise pose a security risk, while providing employees with high-performance equipment that streamlines the workflow, protects vital business interests, and ensures peace of mind.
After deploying countermeasures, processes should be reviewed according to the Deming Plan–Do–Check–Act (PDCA) cycle. For example, in the planning stage, it’s important to understand the current state of security and define any new policies. To ensure proper use and maintenance of countermeasures, employees must also understand the policies. Furthermore, auditing should be conducted from time to time, in order to check if the security procedures are successful, or if modifications are necessary (Foundation).
Keeping the Document Security Framework in mind, Ricoh advocates a multilayered approach to security, one that combines two key objectives: streamlined and efficient workflow, and document security. The goal is to create a controlled system that minimizes risks to information security without unduly impacting document administrators, users or workflow processes.
If the security measures are too costly or complex to roll out, the controls may negatively impact productivity; users may resist.
So, after vulnerabilities and threats to information security are identified, solutions are recommended that: