The security threat of digital photocopiers is worse than reported
OnlineConect.co.uk have been aware of the security threat posed by digital photocopiers for many years and carry out a full data wipe on all machines before they are resold. Jenny Robinson of Online Connect UK says “we are pleased this issue has been brought to the attention of consumers by CBS as we have been protecting our customers data but are aware this is not common practice”.
However, the risk to Corporate Intelligence and sensitive information is understated in the CBS report according to Online Connect UK. The problem goes back to the photocopier industry as a whole. When digital photocopiers came in there was a complete lack of training in security and the problem goes beyond hard drives. Online Connect share some tips on securing your photocopier at the end of its life.
Avoid copying sensitive information on public photocopiers. The information could be retreived from the hard drive.
Hard Drives are packed full of sensitive information. From incoming faxes, id protected print jobs to frequently used files. Multifunctional digital copiers have a data encryption facility and hard disk data encryption should be enabled. Additionally Secure Document Release retains the document until identity is verified via a PIN, password.
Delete all information on hard drive at end of copiers life.
The Print Server
The first digital photocopiers used print servers and IT Departments were aware of the information stored. Fiery Servers and Cyclone served as the connection between the digital photocopier and the network and for many high volume or colour photocopiers still do. But with modern digital photocopiers often the print server is embedded in the machine and it is the print server part of the machine that may hold the most vital information. In a remote print server like fiery or cyclone it will contain a copy of the print job on its internal hard drive so enable encryption an wipe hard drive of the print server at the end of the copier cycle of life.
Often large Companies route all print requests through a central server, this allows data archiving to be achieved efficiently and the central server may be remote. In such cases the digital copier can contain network addresses of the companies central server including subnet mask, ipaddress and passwords.
The Print Server should be cleared of all information at the end of the copiers life.
The machine may hold data on individual workstations and passwords. Machines with scan to email will hold private email addresses of individuals within the corparation or organisation.
All scanner and email information should be removed.
Often held in the RAM of the machine pending print jobs can contain sensitive information. Often the digital copier is replaced due to unreliability and by simply clearing a paper jam the machine can start printing out a wealth of information.
Clear all pending print jobs.
A list of fax numbers transmission times dates and received documents may be stored on a multifunction photocopier.
Delete all fax information at the end of copiers life.
Machines set up for multiple user accounts will have common passwords stored. Unfortunately these passwords may be used in other areas of the business. A print out of photocopier passwords could lead to a more serious threat to security if passwords are used elsewhere within the organisation.
All passwords should be removed at the end of the photocopiers life.
Many used photocopiers are destined for india, africa and the middle east and it is important to ensure secure information is removed from the machine.
If you have concerns about security of your office equipment you can find Online Connect contact details on there website: http://www.onlineconnect.co.uk/