Context:
Our network is very tightly locked down. We dont currently allow users to plug in USB devices (other than KB/Mouse/Headset). We also dont currently allow them to access their local network (we have always on VPN, and all network access is blocked until the VPN is connected). And we have various security software in place to protect data exfiltration and data loss prevention based on the content of the data. Any documents leaving our network are scanned for a number of key words and phrases and anything that meets certain criteria is blocked.
The Problem:
We are merging some "less secure" parts of our parent company into our core network, and many of the new users make use of home printing/scanning facilities. We need to find a way to securely enable this without opening up any holes in our perimeter.
One concern is if we allowed access via USB or Wifi, is there a tool or mechanism (windows standard, or 3rd party) that would allow us to monitor/control whats printed based on content and block as required?
Currently out filtering is managed within O365, on our firewall, and web proxy. Obviously none of these systems are involved when printing directly to a local network / usb device.
Similarly, if the printer is an MFP, we need a way to allow scanning functions.
Does anyone have any suggestions?
Our network is very tightly locked down. We dont currently allow users to plug in USB devices (other than KB/Mouse/Headset). We also dont currently allow them to access their local network (we have always on VPN, and all network access is blocked until the VPN is connected). And we have various security software in place to protect data exfiltration and data loss prevention based on the content of the data. Any documents leaving our network are scanned for a number of key words and phrases and anything that meets certain criteria is blocked.
The Problem:
We are merging some "less secure" parts of our parent company into our core network, and many of the new users make use of home printing/scanning facilities. We need to find a way to securely enable this without opening up any holes in our perimeter.
One concern is if we allowed access via USB or Wifi, is there a tool or mechanism (windows standard, or 3rd party) that would allow us to monitor/control whats printed based on content and block as required?
Currently out filtering is managed within O365, on our firewall, and web proxy. Obviously none of these systems are involved when printing directly to a local network / usb device.
Similarly, if the printer is an MFP, we need a way to allow scanning functions.
Does anyone have any suggestions?
