Protecting Your Network Beyond the PC
Since most of an organizations secure information resides in documents, document security is one such area. But, while the need for document security is widely recognized, many companies are unaware of a major threat: the networked hardcopy peripheral.
Each time a document is copied, printed, scanned or faxed, an image is left behind on the systems hard drive(s). Thats as much a risk as the information on PCs. With network connectivity rates for these products increasing each year, this security threat grows exponentially.
On the flipside, government, military, healthcare, legal and financial sectors have started to catch on. Recently there has been an increase in regulations surrounding privacy, such as HIPAA, Sarbanes-Oxley and Gramm-Leach-Bliley, which makes document security one of the greatest challenges and demands on IT personnel and users in the market today.
To avoid embarrassing and potentially costly losses of information from you peripherals look for these features:
Embedded fax: While firewalls prevent unauthorized access to a customers system through the network connection, unprotected fax connections in multifunction devices can be an open back door into the network. Be sure to look for a machine can offers a complete separation of the fax telephone line and the network connection.
Image overwrite option: The image overwrite security option electronically shreds information stored on the hard disk(s) of devices as part of routine job processing. The electronic erasing can be performed automatically when each print job is completed, or reset manually as needed.
During normal operation, a multifunction device temporarily stores image data on the hard drive. The image overwrite function eradicates customer data by repeatedly overwriting the disk surface with specific patterns of data.
At the end of the procedure it reads a portion of the overwritten area (typically 10%) to make sure that only the last pattern written can be read. This ensures that no normal read process can discover the original data.
Internal auditron: People are required to enter an authorization code to use walk-up copy features of the device. Administrators can also limit the number of copies available for each person, track usage at an account or department level, and download data to a PC to generate audit reports.
Network authentication: Access to scan, e-mail and fax features can be restricted by verifying network user names and passwords in network directories prior to use of these functions.
Removable disk drive: Administrators can physically remove hard drives from the machines, virtually eliminating the risk of unauthorized access to classified data.
Secure print: Jobs are safely stored at the device until the owner enters a personal number to release them. This controls unauthorized viewing of documents sent to the printer.
Information security protects companies from a wide variety of threats in order to ensure business continuity, minimize business damage, and maximize return on investment and business opportunities. Knowing the possible risks of networked office equipment and understanding the security options allows customers to focus on their work rather than worry about whether their information is safe.
Larry Kovnat is the product security manager at Xerox Corp. He has held program management positions in printer and multifunction product development throughout his career at Xerox.