Xerox 7655, 7665, 7675 manual Security Capabilities, Built-in Security

EVALUATE

SECURITY CAPABILITIES

ADVANTAGE

XEROX

What type of security requirements does your office require? Does the device have the security features to meet this demand? Can device access be password protected? Does the device remove latent images on disk drives and in memory? Does the MFP vendor participate in third-party testing and certification?

HOW THE XEROX WORKCENTRE® 7655/7665/7675 SERIES

EXCEEDS THE SECURITY CAPABILITIES REQUIREMENT

Built-in Security

Xerox is committed to the security of its products and takes a unique approach to security within the document industry: Xerox believes security should be built in as a core component of the MFP system and its controller.

The WorkCentre 7655/7665/7675 series offers built-in security features for physical and network-based access controls, user authentication, usage tracking, file encryption, and file deletion to fully comply with the IT organization’s information security policies. This is accomplished through intelligent design architecture that complies with stringent industry security standards and increasing regulations in the government, military, health care (HIPAA), legal (Sarbanes-Oxley), financial (Gramm-Leach-Biley Act) and pharmaceutical (FDA 21 CFR Part 11) sectors. The security capabilities of WorkCentre 7655/7665/7675 series MFPs can be further extended with solutions from Xerox Business Alliance Partners.

Security features of the WorkCentre 7655/7665/7675 series include:

•802.1x Support — Ensures devices connected to the network are properly authorized

•Analog Fax and Network Isolation — Controller architecture isolates the fax telephone line and the network connection to foil incoming attacks

•Authentication

-System Administrator Authentication — The WorkCentre 7655/7665/7675 series allows access to administrative web pages to be restricted to authorized employees. Device Access Password Protection further restricts access to device setup screens and remote network settings

-Network Authentication — Manage access to copy, scan, email, and fax features by validating network user names and passwords

-Print/Copy/Fax/Scan Auditron — Restricts user access to the device, sets limits for users and groups, tracks jobs and provides reports

•Firewall — Restricts access via IP Address Filtering, Domain Filtering, and Port Blocking

•Image Overwrite Security — Electronically erases data that has been processed to the hard disk in print, copy, scan, and fax modes using a three-pass algorithm specified by U.S. Department of Defense Directive 5200.28-M at regular, pre-selected times

•Internal Security Audit Log — Permits tracking of activity at the device, satisfying the needs of organizations that must provide logging of the transfer of Personally Identifiable Information per regulations like HIPAA, Sarbanes-Oxley, Gramm-Leach-Bliley Act, and more

Common Criteria Certification:

The National Information Assurance

Partnership (NIAP) is a U.S. government ini-

tiative to meet the security testing of

Common Criteria, and is a collaboration

between the National Institute of Standards

and Technology (NIST) and the National

Security Agency (NSA). Common Criteria

for IT Security Evaluation is an interna-

tionally recognized methodology (ISO

15408) for evaluating the security claims of

hardware and software vendors. The five

major elements of Common Criteria are

availability, integrity, confidentiality,

accountability and nonrepudiation.

14

WORKCENTRE 7655/7665/7675 EVALUATOR GUIDE