Security Features for Copiers and Multifunctionals
January 22, 2008
Given the realities of a post-9/11 world, industrial espionage, and the increasingly stringent responsibilities for confidentiality (in areas such as defense, finance, and medicine), copier companies have been offering an increasing number of security features for their multifunctional machines. Sometimes these come as standard features; more often they come as one or more “security kits” that can be added to your copier/multifunctional. These features supplement the usual network security features that any office should have, including firewalls and password-only access to directories and files on the network. But as multifunctionals become more and more active as the centers of business activity in a firm, the need to protect the data and the transactions is getting more and more critical.
The security features in most copier/multifunctionals make use of an internationally standardized model called the International Common Criteria for Information Technology Security Evaluation (ISO 15408). This term is generally shortened to the phrase “Common Criteria”. This standard defines some basic security requirements. Companies often get certification from outside testing labs. The report cards on such testing are presented in terms of EAL (Evaluation Assurance Level), such as EAL2 and EAL3, where the higher number indicates a higher level of security tested. But don’t be too impressed by these terms. For general office use especially, EAL2 is quite sufficient.
We’ve tried to put together a description of some of the most common security features, usually presented by the vendors as a laundry list. We have tried to describe how they might be useful in the real world.
Network authentication: A set of features that guarantee that anyone interacting with a multifunctional over the Internet is an authorized user. This may include several layers of proof. Most basic is a UserID and password combination. Digital certificates, which can only be produced by a specific computer, add even more proof. Usually it includes some software to discover attempts to guess passwords by trial and error.
IP filtering: Software that reads the IP address of anyone trying to access the multifunctional and compares it against a predetermined list of authorized IP addresses. This makes it hard for outsiders to access the multifunctional from off-site.
Smart Card authentication: A requirement that the user swipe a card, either at the machine or on a device connected to their computer, to gain access. This is useful for both security and job accounting. One step beyond smart card use is biometric security (fingerprint or retina scans), which is used by hyper-secure environments.
Secure print (or lock job): The ability to send a print job to a machine, where it is held until released at the control panel by an authorized user. That way, printed output doesn’t lie around for others to walk away with.
Secure fax: Similar to secure print. An incoming fax is converted to digital form and held at the machine until a user releases it at the copier control panel.
User and group mailboxes: Digital mailboxes allow each user to hold documents (as with Secure Print and Secure Fax), scans, and other files on the hard disk at the multifunctional, ready to be printed out when needed.
Hard disk scrubbing (or overwriting): A tool that wipes out all the data on the hard disk on a regular basis (sometimes after each job), so that traces of past jobs can’t be deciphered.
Hard disk removal: A feature that allows administrators to take hard disks with confidential data and store them in a safe during non-office hours. It also requires a special tool to remove the hard disk, so no one can walk away with it.
Security audit log: A log that tracks all users and all jobs. It allows administrators to pinpoint unusual access patterns and can be used to document security compliance. The best audit logs are encrypted and accessible only to system administrators.
Encryption: This can include scrambling of print jobs as they travel from the user to the multifunctional, so they cannot be intercepted. It also can mean PDF encryption, so that scanned documents are encrypted as they are sent to be archived.
Digital watermarks: An identification written into each document that allows you to track who has made copies of, sent, or printed what documents at what machines and how many times. The watermark is invisible and embedded into the digital file.
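The "Network authentication" and "Security audit log" entries above both come down to spotting trial-and-error password guessing in the device's log. The sketch below is an added example, not code from any copier vendor: the log format, the function name find_guessing_sources, and the thresholds are assumptions, and the sample log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample audit log. Hypothetical format:
# ISO timestamp, source IP, user ID, event (entries assumed in time order).
SAMPLE_LOG = """\
2008-01-22T09:00:01 10.0.0.15 alice LOGIN_OK
2008-01-22T09:00:05 10.0.0.99 admin LOGIN_FAIL
2008-01-22T09:00:09 10.0.0.99 admin LOGIN_FAIL
2008-01-22T09:00:14 10.0.0.99 admin LOGIN_FAIL
2008-01-22T09:00:20 10.0.0.99 root LOGIN_FAIL
2008-01-22T09:00:26 10.0.0.99 admin LOGIN_FAIL
2008-01-22T09:05:00 10.0.0.20 bob LOGIN_FAIL
2008-01-22T09:45:00 10.0.0.20 bob LOGIN_FAIL
2008-01-22T10:30:00 10.0.0.20 bob LOGIN_OK
garbled entry
"""

def find_guessing_sources(log_text, max_failures=5, window=timedelta(minutes=1)):
    """Return {source_ip: sorted user IDs targeted} for each source that logged
    max_failures or more failed logins inside one sliding time window."""
    recent = defaultdict(deque)  # source -> (timestamp, user) failures still in window
    flagged = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # malformed line: skipped here, worth counting in production
        stamp, source, user, event = parts
        try:
            when = datetime.fromisoformat(stamp)
        except ValueError:
            continue  # unparseable timestamp
        if event != "LOGIN_FAIL":
            continue
        failures = recent[source]
        failures.append((when, user))
        # Drop failures that have aged out of the window.
        while when - failures[0][0] > window:
            failures.popleft()
        if len(failures) >= max_failures:
            flagged[source].update(u for _, u in failures)
    return {src: sorted(users) for src, users in flagged.items()}

if __name__ == "__main__":
    for src, users in find_guessing_sources(SAMPLE_LOG).items():
        print(f"possible password guessing from {src} against {users}")
```

The user who mistypes a password twice, 40 minutes apart, is not flagged, while the source that fails five times in 21 seconds against two accounts is.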
The human factor
Note that any of these features only work through effort, which will require planning, training, and monitoring. We’ve all seen users who have attached their “secret” password to the monitor with a Post-It note. All the security in the world will not work if end users are not aware of the security risks, well trained, and motivated to use the security features.

