Close
Updated:

CLLB Information Security Newsletter. Volume 3 Number 7 July 2010.

Volume 3 Number 7 July 2010
July 2010
PROTECTING DATA CONTAINED IN COPIERS AND PRINTERS
From the Desk of David Badertscher
What kind of data can be stored in copiers and printers?

You are probably familiar with many of the standard best practices for safeguarding your data, such as avoid carrying unencrypted sensitive data on portable devices; use a complex password; and keeping your PC current with updated anti-virus software and security patches. However, do you realize that another important aspect of safeguarding your data means taking precautions about the information contained on printers or copiers?

Increasingly, printers, copiers and related devices come with hard drives capable of storing large volumes of information. The data you print, copy, scan, or fax may be stored on the hard drive permanently.

Recent news coverage has highlighted the fact that confidential information can be recovered from printers, copiers and similar devices after they are sent to surplus or returned to the vendor at the end of their lease. Some of the confidential information recently reported to be found on these machines included social security numbers, birth certificates, bank records, income tax forms, medical records, and pay stubs with names.

How do I keep my data secure?

Assume that any document that you printed or scanned is stored on the device. At a minimum, be aware that when you dispose of your printer, fax, copier or scanner, there may be a hard drive containing images of all of your documents. In order to properly dispose of the device, have the hard drive securely wiped before you give the device away or sell it, or if the device’s hard drive is removable, remove the drive entirely and have it securely destroyed.

Individuals and organizations should review the following recommendations for printers, copiers, scanners, and faxes:

· Settings: Configure the devices to encrypt the data, if possible.

· New Devices: Purchase\lease devices with disk encryption and immediate data overwriting capability.

· Disposal: Remove or wipe the hard drive before disposal.

· Use of Public Devices: Be cautious if using public printers\copiers\scanner\faxes for documents containing confidential information.

Additional Information:

· Identity Theft Awareness: http://www.identity-theft-awareness.com/digital-copiers.html

· Identity Theft Fixes: http://www.identitytheftfixes.com/company_copiers_and_identity_theft_–_is_your_company_at_ris.html

· CBS News – Digital Photocopiers Loaded With Secrets: http://www.cbsnews.com/stories/2010/04/19/eveningnews/main6412439.shtml

· SANS Reading Room: http://www.sans.org/reading_room/whitepapers/networkdevs/auditing-securing-multifunction-devices_1921

· Xerox: http://www.xerox.com/information-security/product/enus.html

· Cannon: http://www.usa.canon.com/cusa/production/standard_display/security-main-page
· HP: http://h71028.www7.hp.com/enterprise/cache/617575-0-0-225-121.html

· Toshiba: http://www.copiers.toshiba.com/usa/security/device-security/index.html

For additional monthly cyber security newsletter tips visit: www.msisac.org/awareness/news/

The above information is from tips provided by the Multi-State Information and Analysis Center (MS-ISAC). To learn more about MS-ISAC go to http://www.msisac.org/

MORE NEWS AND INFORMATION.

Bandwidth Bandit – Symantec White Paper.

Summary:
Internet bandwidth is a finite and expensive resource; protect it from spammers, criminals, hackers, time-wasters and employee misuse. Your company’s internet link is precious. Not only is it expensive and limited but it is a vital business tool. Yet our analysis shows that companies can lose around a quarter of their internet bandwidth to employee web misuse, streaming media and spam. Imagine if you had to give up a quarter of your office space for non-work activities; it’s inconceivable. But when it comes to internet bandwidth, most companies don’t even know about the loss, let alone take steps to prevent it.

Part of the problem is that the internet is designed to continue operating even if links are busy or damaged; indeed that’s the whole point of it. This means that you probably don’t notice if your emails take longer to deliver, web pages take longer to load and internet phone and video conferences are lower quality. It all sort of works and you expect the occasional hiccup.

Download White Paper Here

Six Reasons to Worry About Cybersecurity

By William Jackson
Daily Government Computer News August 16, 2010.

The threats from increasingly professional cyber criminals, spies and hackers are evolving to address the adoption of new technologies and platforms by government and private-sector enterprises.

Contact Us