Printer, Copier, Scanner Security Anthony Phillips KSU ITS Security Team

Watch this first:
http://www.youtube.com/watch?v=iC38D5am7go
Anthony Phillips
KSU ITS Security Team
Anthony@k-state.edu
Disclaimers: I am not a lawyer, I am not a Savin/Ricoh engineer, I am not a photocopier or security engineer of any sort,
I have not read ALL of the documentation related to said devices, Past performance does not guarantee future returns,
Your mileage may vary, I do not know everything there is to know, I did not stay at a Holiday Inn Express last night.
What is the Risk?
• Modern photocopiers are full-blown digital computers – Savins run on Unix
• Many contain hard drives that store digital images of every document – Photocopy, Scan, Fax, Print – proprietary file system
• Even after being deleted, those images can be recovered with the right tools – JPEG > PostScript > Compressed
The Good News
• Most copier manufacturers provide some mechanism to secure data
• Removable hard drives
o May be a separate purchase option
o May need to be installed by factory technician
o You will need to purchase the hard drive
• Software to perform a secure erase
o Also a separate purchase option
o Not necessarily easy or intuitive to use
• Software to encrypt data as it’s written
o Must be purchased and installed in advance
o Security only as good as the encryption algorithm
Savin’s Solution
• Removable Hard Drive – N/A
• Hard Drive Security Kit = Data Overwrite Security System (DOSS) - $5.68/mo
• HDD Encryption Unit = Copy Data Security Unit (CDSU) - $5.59/mo
K-State’s Copier Contract
Contract: http://da.ks.gov/purch/Contracts/Default.aspx/12156AB
Price and Related Info:
http://www.da.ks.gov/purch/12156-StatewideCopierContract.htm
Century United - Black & White Copiers - http://www.da.ks.gov/purch/CenturyUnited-Black&WhitePricing.xls
36 month contract 11/1/2009 – 10/30/2012
DOSS > $204.48
CDSU > $201.24
Why Worry About It?
You may still be at risk if
• Your copier cannot be physically secured
• Documents may leak between users
• You are not equipped to deal with the hard drive at the end of the contract
What To Do About It
• Store File
• User Tools / Counter
• Login/Logout
• Document Server
Set Up Supervisor and Administrator Accounts
Press User Tools / Counter
Log in as Supervisor
Press Login
Enter Supervisor
Back to User Tools Screen
Press System Settings
We’re in System Settings, logged in as Supervisor
Go to Administrator Tools Tab
Administrator Tools, Page 1/4
Press Next
Administrator Tools, Page 2/4
Press Program / Change Administrator
Notice these don’t work yet.
We are concerned with File Administrator, also referred to as Document Administrator, and Machine Administrator
First, log out as Supervisor
Then go back to User Tools and log in as File Administrator
Now in System Settings, Administrator Tools, page 2, these buttons work!
We can set the time limit for documents to auto delete and we can erase all
saved documents. These are securely erased.
Let’s See How This Works
In copy mode, press Store File
Set User Name, File Name and Password (if you want to password protect the file)
Then touch OK
You will come back to the Copy Ready screen, but you are now saving to a file.
Make your copy as usual.
These 2 screens will alternate until you press #
At main screen press
Document Server
Select desired file
Then print it
You can delete the file here
but this is NOT a secure erase
Back to System Settings, Administrator Tools, page 2
Now, logged on as File Administrator, from System Settings, Administrator Tools,
page 2, you can set the number of days to auto-delete
Or securely erase all stored documents
First, log out as File Administrator
Then go back to User Tools and log in as Machine Administrator
Guess what. System Settings, Administrator Tools, page 3! Go to Auto Erase Memory Settings
You can specify the erase method to be used and the number of passes. 3 is the
default, which meets DoD Secret requirements.
Erase All Memory. Securely erases hard drive, including free space, flash memory,
machine settings, everything. Do this right before the machine leaves your possession.
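One way to spot-check a drive after an erase, as an added example that is not from the original slides or from Savin: it scans a raw disk image for the file signatures of JPEG and PostScript, two of the formats named under "What is the Risk?". It assumes you already hold a raw image of the drive and that leftover data would be unencrypted; the function names and sample bytes are constructed for illustration.

```python
import io

# Signatures for two of the formats the slides list as recoverable.
SIGNATURES = {
    "jpeg": b"\xff\xd8\xff",   # JPEG start-of-image marker
    "postscript": b"%!PS",     # PostScript header comment
}


def scan_stream(stream, chunk_size=1 << 20):
    """Return sorted (offset, kind) pairs for every signature in a binary stream."""
    overlap = max(len(sig) for sig in SIGNATURES.values()) - 1
    hits = set()
    tail = b""
    base = 0  # absolute offset of the first byte of `tail + chunk`
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        window = tail + chunk
        for kind, sig in SIGNATURES.items():
            pos = window.find(sig)
            while pos != -1:
                hits.add((base + pos, kind))
                pos = window.find(sig, pos + 1)
        # Carry the last bytes forward so a signature split across two reads is seen.
        tail = window[-overlap:]
        base += len(window) - len(tail)
    return sorted(hits)


def scan_image(path, chunk_size=1 << 20):
    """Scan a raw disk image file (hypothetical path supplied by the caller)."""
    with open(path, "rb") as fh:
        return scan_stream(fh, chunk_size)


if __name__ == "__main__":
    # Constructed sample: 64 zero bytes with one JPEG and one PostScript header.
    sample = bytearray(64)
    sample[10:13] = SIGNATURES["jpeg"]
    sample[30:34] = SIGNATURES["postscript"]
    for offset, kind in scan_stream(io.BytesIO(bytes(sample)), chunk_size=16):
        print(f"{kind} signature at byte offset {offset}")
```

A hit is a place to inspect, not proof of a surviving document: an overwrite that uses random data will produce chance matches of the 3-byte JPEG marker.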
Remember the “Network Security Kit” on the contract? It allows SSL encryption of all
data to / from the copier over the network. At the very least set your passwords to
something more secure than the defaults, and look into this option.
http://www.savin.com/support/kb/
http://www.ksu.edu/its/security
Questions, Comments, Criticisms