Falcon

Canon Photocopiers Security Update

Press Release   •   Feb 23, 2011 01:16 GMT

In the light of recent developments highlighting the urgent need for organisations to implement more robust security policies when it comes to their photocopiers and multifunction printer, Canon, the world leader in document imaging solutions, has stepped forward with a significant white paper on the subject. The document, entitled ‘Canon imageRUNNER Advance Security’ was released recently by Canon USA after a CBS News investigation last year revealed that various organisations have not been taking the necessary steps to erase sensitive data from photocopier hard-drives when disposing of their old machines – making them, their employees as well as clients vulnerable to data compromise. While manufacturers of photocopiers themselves are usually mindful of the risks posed by their devices and will provide a range of security options, it’s often users and the organisations they belong to who fail to pay sufficient heed to the potentially devastating consequences of photocopier security breach. Canon hopes that its straightforward white paper, which addresses security features on the leading imageRUNNER Advance photocopiers, will give administrative and IT personnel usually responsible for device management, all the information they need to implement serious and robust security policies for photocopiers within their organisations.

 

The Photocopiers Security Threat

 

Last year, an investigation by US news channel, CBS, exposed what had been up until then, a major blind-spot for most companies and organisations across the globe…

Almost all photocopiers manufactured since 2002 contain a hard drive – the same kind that you would find installed on most typical desktop PC’s and which on photocopiers store images of every document which has been scanned, copied, faxed or emailed from the device. With such large amounts of potentially sensitive information stored on single photocopiers, it’s not surprising many have expressed concern that companies have not been conscious enough of the risks they face. In their investigation, CBS News referred to the issue of photocopiers security as ‘a digital time-bomb…’

When considering photocopiers will at one time or another be exposed to National Insurance Numbers, bank account details, birth certificates, passports, tax forms – it’s easy to see that in the wrong hands, second-hand photocopiers could be a very valuable commodity indeed.

It was in February 2010, that CBS News in the US decided to put photocopiers security to the test. Taking photocopiers security expert, John Juntunen, with them to a New Jersey used photocopiers warehouse, CBS purchased 4 photocopiers from the vendor based on price and the number of pages that had been printed from each. All were around the $300 mark. Juntunen was able to remove the hard-drives from the photocopiers in just 30 minutes and using free forensic software, available on the internet, download tens of thousands of documents from them in less than 12 hours.

And what was discovered is absolutely incredible. One of the photocopiers had come from the Buffalo New York Police Sex Crimes Division and was loaded with documents ranging from domestic violence complaints to details of wanted sex offenders. The second of the photocopiers was from the Buffalo Police Narcotics Unit and contained details of suspects in a major drugs operation. The third machine held design plans from a construction company working on a site near Ground Zero in New York. The photocopier also had on it images of pay stubs with employees names, addresses and social security details. Most disturbingly of all, the fourth of these photocopiers, which came from a New York-based insurance company, contained some of the most sensitive and personal information conceivable – 300 pages of personal medical records.

* This is not the full version of the article. For the full version, please visit:

 Canon Photocopiers Security Update

Canon Photocopiers – The Security Solutions

 

As was widely publicised at the time of their release, Canon’s imageRUNNER Advance range of photocopiers provide a number of innovative platform benefits, including improved security features. The new Canon imageRUNNER Advance photocopiers comply with the most stringent industry standards and give users a range of security features from which to choose – from employee user ID cards through to a Document Scan Lock Kit to protect critical business data and access to an Adobe LifeCycle Rights Management policy server which provides controlled access to scanned PDF documents.

But such advanced security features on photocopiers can only be effectively utilized when administration/IT personnel within an organisation understand how to properly configure their devices. Canon USA’s white paper, ‘Canon imageRUNNER Advance Security’ is the company’s attempt to address this knowledge-gap. As well as providing all the security information on Canon imageRUNNER Advance photocopiers in both networked and stand-alone environments, the document is tailored to the requirements of those IT managers and administrators who would usually be responsible for overseeing photocopiers security within organisations. The white paper provides all relevant information on how best to configure the array of standard security features on Canon imageRUNNER Advance photocopiers as well as providing details of optional security extras which provide complete peace-of-MIND. One option, which was recommended in the CBS News write-up on their investigation, is a data Encryption solution – Canon’s version of this is its HDD Data Encryption Kit.

 

Canon Photocopiers HDD Data Encryption Kit

Using some of the most advanced data encryption algorithms, the Canon HDD Data Encryption Kit will protect all of a photocopiers temporary data as well as any documents that have been stored onto the device. The kit provides users with a dedicated plug-in board which encrypts every byte of data before it can be committed to the photocopiers hard drive. The system uses 256 bit Advanced Encryption Standard (AES) or 168-bit Triple Data Encryption Algorithm (TDEA) depending on the device model. Using a special encryption key which is stored on the plug-in, the board encrypts and decrypts all data that’s stored in random non-continuous sections of the photocopiers disk drive.

Also discussed in the Canon white paper, is the HDD Data Erase function which ensures that when data is deleted from a photocopiers hard-drive, it’s deleted permanently.

 

Canon Photocopiers HDD Data Erase

Not a lot of people realise that data remains effectively retrievable on a photocopiers’ hard disk until it has been overwritten. That’s where Canon’s photocopiers HDD Data Erase function comes in. By overwriting data on photocopiers hard drives with either null data, random data or null data three times, the data erase function ensures neither temporary data nor document data will remain accessible photocopiers, giving users the power to truly permanently, fully delete.

  

For the Canon USA ‘imageRUNNER Advance Security’ white paper discussed here, please visit the following link:
http://www.usa.canon.com/CUSA/assets/app/pdf/ISG_Security/wtpaper_digital_press_ir_ipress_security_.pdf

 

For further advice on configuring your Canon imageRUNNER Advance photocopiers security features or for any additional information on Canon’s Data Erase and Data Encryption Kits, please contact an authorised Canon UK Business Solutions Partner.