Data Security

What You Need to Know to Protect Your Data.

A CBS news story recently detailed the unfortunate compromise of customer data stored on the hard drive of several multi-function printers (MFPs). Since this story aired, several Xerox customers have been understandably concerned. They want to know what features and functions are available on their current MFP equipment to ensure that their data is not compromised. And most importantly, they want to know how to dependably remove customer data from their machine at the end of its useful life. The solutions to this challenge are many. Some systems have disk encryption or 3-pass disk overwrite software available on the machine. These systems are fully protected against data compromise if the features are utilized. However, most in-place systems at customer sites do not have these features on the systems. In these instances, customers are generally advised to either upgrade themachine with a security kit or to pay to have the hard disk removed prior to leaving the customer’s facility. In either case, it’s an expensive and time consuming process that customers have not incorporated into their budgets.

A Competitive Trade-in Option to Address MFP Security Concerns.

If a customer trades their competitive equipment with Xerox as part of a new MFP implementation, Xerox will crush the equipment making any residual customer data inaccessible. The Xerox process will involve crushing the hard drive to prevent retrieval of any residual data on the machine. The Xerox process includes pick-up of the competitive equipment from the customer site and maintaining custody of the unit until it is dropped off at the destruction facility. Xerox tracks the equipment while it’s under our control to ensure the integrity of the process until the unit is crushed. This process will give our customers “ peace of mind” that their data is protected if their current non-Xerox equipment is traded for new Xerox equipment. Additionally, virtually all new Xerox MFP equipment comes standard with 128-bit AES disk encryption as well as 3-pass disk overwrite features to ensure that our customer’s data is protected from day one on their new equipment. continue reading...

Xerox has the answer
Use the Xerox® Secure Print feature. If you don’t want your confidential or private documents to be left in the output tray, open for viewing, or even taken by someone else, Secure Print allows you to control the print timing of your documents. You can now optimize your print solution by using a workgroup device to print all your documents, without worrying about security!

Here’s an example:
You need to print your company’s product roadmap or an employee’s development plan. In the past, you may have used a personal printer to print these types of files. With Secure Print, the workgroup printer becomes your own personal printer! Print the file, and in the print Properties section, select Secure Print from the menu (this varies from device to device: see your user manual for exact instructions). Select a passcode of your choice and send the job to be printed. The job is held in the job list until you release it. At the device control panel, type in your passcode and the document prints. You control when the print takes place! Best of all, if multiple jobs are held using the same passcode, they are all released for printing at once – making it easy and quick for you to collect your jobs. continue reading...

The intellectual property of your business is vital to its continuing success. Therefore, it is important to ensure confidential documents are not susceptible to security breaches. Whether it is a computer virus or a disgruntled former employee, you need to ensure your information is safe from unauthorized viewers. Luckily, with document management systems, it is easy to integrate advanced security features into your current workflows. Electronic Document Management can help protect your documents and increase productivity. If you are unsure if a document management system is right for your business, here are ten things you should know about document security:

1. Document management seeks to prevent data loss from the various kinds of threats to data. Unless a systematic approach is adopted for document security your business could be shut down by a breach of security.

2. Very few businesses can survive a complete loss of business data. Even partial losses can prove extremely serious, especially to smaller businesses. Consider what would happen if you lost all your customer data and invoice records from a computer virus. It can render you unable to recover your fees from credit customers that can equal a few months of sales. Or consider the secret product formula that gives you an edge in the market being stolen.

3. Document security starts with an intricate look at all the risks documents face and the impact of each. A clear view can make upper management aware of the real dangers that can easily occur, and as a result they are more likely to support security-enhancement measures.

4. One of the primary security measures is preventing unauthorized access to documents. Only authorized persons should be able to access each type of data. Access restrictions should be placed both on classes of data and levels of employees and can be integrated easily with the access controls on your multifunction device. continue reading...

In today’s office, multifunction devices can print, copy, scan to network destinations, send email attachments, and handle incoming and outgoing fax transmissions. If everyone has access to your multifunction printer, that means just about anyone can launch attacks against the network and network resources ranging from simple (picking up documents left in the output tray) to complex (distributing documents over the network or accessing confidential information).

Xerox is committed to helping you secure your environment and achieve your regulatory compliance objectives through systems, software and services designed to provide security that assures the confidentiality, integrity and availability of critical document and network assets. continue reading...

The Challenge:
Federal government policy requires that all networked devices used in national security systems meet specific information assurance goals including strict levels of integrity, confidentiality, and availability for systems and data, accountability at the individual level, and assurance that all security claims are objectively verified.

The Solution:
Common Criteria Certification, administered by the National Information Assurance Partnership (NIAP). This is a rigorous process that includes the testing of devices against security requirements by accredited, third-party laboratories.

The Xerox Advantage:
In addition to delivering exceptionally well-architected and highly productive devices into the office environment, Xerox has received Common Criteria Certification for the WorkCentre M35/M45/M55 and WorkCentre Pro 35/45/55. As part of the certification process, the security of the embedded fax function of these devices was also validated. No other multifunction device manufacturer has obtained third party assurance that fax and network lines are separated. continue reading...

Protecting sensitive, proprietary or classified information has always been challenging. Nevertheless, before the advent of today’s digitally networked offices and increasingly sophisticated threats, maintaining airtight security of confidential documents often meant simply putting those documents away and locking the door behind you at the end of the workday.

In this uneasy, post-9/11 environment, however, managers in government as well as healthcare, financial services, pharmaceuticals and other segments of corporate America are more aware than ever before of the need for deploying more sophisticated document security processes and technologies to ensure confidentiality. continue reading...

“Most C-level executives still view security as an operational issue, not a strategic issue, according to ‘Navigating Risk: The Business Case for Security.’”

I found an interesting article on this. IT security is far more important an issue than just an operational issue. 

Take a look at this article from Dark Reading on IT Security and Management. continue reading...

TechDirt last year had a blog posting titled Why Keep Personal Information on a Laptop When It’s Much Easier to Steal on a CD.

continue reading...

It is a pretty interesting article and points out that companies, like insurance companies, are not very careful with their data. How often do you compromise your security for a little convenience? – Corey Smith has fifteen years of document management industry experience and maintains the Master the Business blog.

We have a lot of data that we use in business. How in the world can we begin to use it? Evan Goldberg of Inc. Magazine had a great article on using your information technology to understand your data better. Take a look here. It should help you get some ideas on how to increase your access to your own information. – Corey Smith has fifteen years of document management industry experience and maintains the Master the Business blog. continue reading...