Ricoh MP1350 manual Safeguarding Data, Controlling Access, Security Features Summary

Security

Market Background Information: High-tech security is never out of the news, with reports of information theft and hacking making headlines. By the very nature of their development, network printers and MFPs are security risks if not managed correctly.

Advanced network connectivity options open ports to hackers. Industry-standard Java and Web browser design elements are vulnerable to virus attack. Large hard drives store a latent copy of every document flowing through the device data for years. Devices link directly to core network components such as the LDAP address list or the central file server. Plus, fast communication options let insiders send information to the outside with no method of being traced.

Security and data compliance buzzwords and regulations such as Common Criteria (CC) certification, HIPAA, Gramm Leach Bliley, FERPA, SEC, FSMA, and the Patriot Act look to safeguard information and force companies to conform to best practices in document and data security management.

Safeguarding Data

Most MFPs now offer a standard or optional hard drive. Any company dealing in critical, sensitive information should determine if they need a data overwrite capability that has passed Common Criteria certification. Data over- write deletes information on the hard drive by writing a series of random ones and zeros over the sectors storing data, usually multiple times. The CC test relates to how data is deleted from a device’s hard drive after being used. It is carried out by a government-approved test facil- ity. Many manufacturers get this certification to satisfy gov- ernment security requirements, and it is a requisite for many government agencies and contractors. Most MFP devices pass evaluation assurance level (EAL) 2 with some aiming higher at EAL 3. The higher the level and the more extensive the testing, the more secure the security features are deemed.

Controlling Access

One of the keys to security is limiting the initial access to the device both remotely and at the device itself. TCP/IP and MAC filtering allow the administrator to limit remote access to the device. MAC filtering is more secure. The TCP/IP address can be copied, but the MAC address is a fixed specification that cannot be changed.

IPv6 is now becoming commonplace on network devices. IPv6 makes it harder to crack or hack into a PC address range by making the address more complex.

Network authentication is now available on nearly every MFP and printer, forcing users to enter a user name and password before access to the device is granted. Most devices can verify a user by linking to Windows Exchange user lists, Novell network user lists, and LDAP server lists.

There should also be password encryption at the point of the login process through SSL or other encryption. Or, there should be other security technology (such as Kerbe- ros) preventing hackers from watching and capturing user names and IDs as they travel over the network.

Secure Transmissions

The hard drive (if not equipped with a data overwrite capa- bility) provides the ability to create secure repositories for incoming print and fax jobs. Instead of being printed upon delivery, print jobs and faxes can be stored on the device and printed only after a PIN has been entered by the au- thorized user. IPv6 makes it harder to crack or hack into a PC address range by making the address more complex.

All Rights Reserved. The license under which this document is made available and applicable law prohibit any reproduction or further transmission of any portion of this document. This document may only be viewed electronically through the www.BERTL.com Web site and may not be stored in electronic or hard copy format. Any reproduction of trademarks is strictly prohibited. BERTL accepts no responsibility for any inaccuracies or omissions contained in this document.

Page 18