Sunday 30th August 2015, Carte Blanche aired a story highlighting a highly-underestimated threat to businesses – the use of office copiers and printers in data theft and industrial espionage due to a lack of document security.
Modern office technology, such as multi-function printers (MFPs), have a hard drive which stores data when items are printed, scanned or copied. If the hard drive is not protected or encrypted, it becomes an easy target for data extraction. Since sensitive information or documentation pertaining to precious intellectual property could be copied or printed, this information is at risk of being snatched by tech-savvy thieves.
Communal copiers at a commercial copy shop scan and copy information from high numbers of people, including copies of ID documents, which can be used for identity theft. Business centers have high-profile visitors who are likely to be in possession of confidential information. Sharp is a leader in addressing security in digital imaging and received the first Common Criteria Validation for an MFP in 2001. Sharp remains a highly rated company and is regarded as one of the industry’s greatest security innovators. Businesses and Government agencies worldwide have come to depend on this level of assurance, which Sharp pioneered and for which it continues to set the benchmark. What can be done to protect your multi-function printer from this type of threat?
Seartec, proud distributor of Sharp, has put together a list of the security features which Sharp MFPs have, either as built-in features or available as an additional kit, to ensure peace of mind regarding data security. Being prepared is key – when buying a new machine discuss the security requirements with your account executive to ensure your new technology is correctly equipped, and brief your IT department on correct security policies and protocols to ensure that the security features are being used correctly.
Sharp employs a multi-layered security approach, which is a tougher and more robust way of keeping information safe.
Prevent unauthorised user access It is unpleasant to think of industrial espionage, or that anyone would deliberately try and obtain confidential information off of your MFP hard drive. However, even accidental access by unauthorised users can have negative consequences. Sharp MFPs have numerous ways to ensure that users must be authenticated before accessing certain information including account codes, login credentials, and the ability to group users into lists with different user capabilities. You can also view and manage logged-in users remotely. Restrict people with administrative rights to the machine and change the admin password from its default setting. Another aspect of this is document control: the optional Sharp Data Security Kit embeds copy prevention data into documents so that unauthorised persons cannot copy, scan, fax or file these documents (attempts will result in a blank page being produced!)
From a network perspective Prevent hacks with IP/MAC Address Filtering – only machines on the network that have their addresses registered can use the MFP. Sharp MFPs also use SSL and IPsec layer and IPsec data encryption technologies so that data doesn’t leak while printing or sending emails.
Encrypt and overwrite data While encryption level varies per model, Sharp MFPs use an advanced encryption algorithm on data before it is stored on the hard drive. It then overwrites the encrypted data up to 7 times with a series of random values to erase it. The IT department should be briefed to wipe the hard drive on a regular basis – the optional Data Security Kit can also perform this in three ways: automatically on power up; automatically after each print, copy, fax or scan operation; or on demand. Another key feature is the end-of-lease feature: when the machine is sold/replaced or returned at the end of lease, Sharp’s data initialisation feature erases all data on the machine.
To read more about the Sharp approach that we take to network security. Sharp is a leader in MFP security systems, as the world’s first office equipment manufacturer to receive Common Criteria (CC) validation. CC is an international set of guidelines and specifications developed for evaluating information security products. The Common Criteria program is an international evaluation alliance, with countries such as the USA and UK, among its members. For more information and to discuss your data security needs with a knowledgeable account executive contact Seartec.