With the huge number of cybersecurity threats challenging every IT department’s ability to protect networks and information, it can be easy to overlook less obvious threats -- like office printers.
The Better Business Bureau warns “copier machines can be prime targets for identity theft.”
Anything connected to a network can be hacked, including your office copiers and printers.
To brush up on copier security issues, check out 11 Things About Copier Security You Didn’t Know.
One of the challenges is securing data on the printer’s hard drive.
As documents are scanned or printed, they’re also stored in the printer’s hard drive and memory. A hacked hard drive is a treasure trove for cybercriminals -- checks, credit card numbers, social security numbers, and other valuable data from customer documents, invoices, tax returns, etc. could all be sitting on the printer’s hard drive.
Here’s an overview of how Xerox provides some of the tightest copier hard drive security possible.
Xerox Locks Down Your Data
Jobs are often written to a hard drive during processing. Once the job is finished, the data is deleted BUT could still be recoverable with forensic tools. The following three features are built-in to most of the current range of Xerox multifunction printers:
Immediate Job Overwrite or Immediate Image Overwrite. This feature deletes or overwrites (with a data pattern) disk sectors that temporarily contained electronic image data. Products that use hard disk drives to store job data initiate this process once each job is complete.
On Demand Image Overwrite. This feature can be manually started or scheduled to delete and overwrite every sector of the hard drive that may contain job data. The device will be offline for 20 minutes to one hour during this time. This is an effective extra protection step to take when your business needs the highest level of security.
Disk or User Data Encryption. All partitions of the hard drive that may contain job data are encrypted with AES encryption. This feature is default enabled on many products and can be used in combination with the preceding overwrite features.
Hard Drive Things to Remember
Not all products have hard disk drives.
Some do, but don’t save document images to the hard disk drive.
Remnants of data may be left on the drive if your device is powered off before an overwrite operation finishes. If a message of incomplete overwrite appears, perform the overwrite again.
It’s not possible to overwrite images on solid-state nonvolatile memory (currently), so overwrite features are only available for hard drive equipped devices only.
Hardware security tip - change the default Administrator password on all devices to prevent unauthorized access to configuration settings.
Tips to Protect Yourself
I’ll wrap this post with four tips suggested by the BBB to keep sensitive data protected when using a copier.
Understand that this is an issue and include your office equipment in your security plan.
Erase or keep the hard drive when your lease is up or you are getting rid of an old printer.
For repair and maintenance, verify whether or not your copier company hires their own service technicians. If they outsource to a third-party contractor, do they perform thorough background checks?
For personal use, be aware of your office’s copier security policy. If copying or printing confidential materials at a university, FedEx, library, etc., be aware of their security policies. Consider having a device at home and sharing sensitive information via encrypted email -- and password protect documents when possible.
Don’t neglect hard drive security. Xerox products, with security features standard, will set your mind at ease.