Copiers do so much more than just copy. That is why they are also referred to as multi-function printers (MFP). They can copy, print, scan, fax, store documents, integrate with software, connect to the cloud, etc. They act as the on ramp and off ramp to the digital world. MFPs function as another computer on your network and should be secure. But how much security does your organization need? According to the Federal Trade Commission, “Companies must maintain reasonable procedures to protect sensitive information. Whether your security practices are reasonable depends on the nature and size of your business, the types of information you have, the security tools available to you based on your resources, and the risks you are likely to face.”
Different security options are available throughout the 3 phases of the copier lifecycle. Upon the Installation Phase, the MFP should be set up to deter unauthorized access. First, the factory default administrator password should be changed to a unique and secure password. Another way to prevent unauthorized access is requiring the users to authenticate at the device with a user name and password or by swiping their access card. Unauthorized access will be prevented and once users authenticate, their activity will be logged. Requiring authentication also ensures confidential printing since documents are not printed until the user is standing at the MFP.
During the MFP’s Active Use phase, many devices have the ability to provide Hard Drive Overwriting. When this option is chosen, all of the data on the hard drive will be overwritten immediately after every copy, print, and scan. This feature can be set to overwrite the date multiple times for additional protection. Be aware that some users choose to store documents on the hard drive for easy retrieval. These documents are stored in memory that is not affected by the overwrite process and will remain on the hard drive. Also, encryption can be used to secure the print stream as well as the hard drive of the device.
Once the MFP has reached End Of Life, it is important to make sure the hard drive is cleared including the documents that have been stored in memory. Additionally, transaction history, email addresses, address books, etc. should all be cleared. If you are leasing, do not remove or clear the hard drive without support from your vendor. Leased equipment must be returned in working condition and clearing the hard drive may make the equipment inoperable.
Many of these security features are available standard with new equipment. However, some of the more advanced features and services may have additional costs associated with them. Check with your vendor to ensure your equipment meets your organization’s security requirements.