Wednesday 24 October 2018

Print Security: Sharp Electronics MFPs first to achieve certification against common criteria   17 November 2017   

Sharp Electronics should be proud this week.  They are the first printer manufacturer to be awarded certificates for full compliance with the broad range of print security evaluations, common criteria pulled together in version 1.0 of the "Protection Profile for Hardcopy Devices." 

The ranges of machine to receive this certificate are the MX-2630N, MX-3050N/3550N/4050N/5050N/6050N, and the MX-3070N/3570N/4070N/5070N/6070N.  To fully conform to the definitions in the standard, a firmware update may be required.
Other manufacturers have been rightly praised in consultancy reports for bringing very secure machines to market, and many of them are working to certify compliance with the same common criteria as Sharp has.  Several laboratories are authorized to award these certificates, notably the USA's National Information Assurance Partnership (NIAP) and Japan's International Technology Promotion Agency (IPA).  There are seven levels to attain, and Ricoh, Konica Minolta, Kyocera, HP Inc., Toshiba and Canon all have certified machines and others in testing for Evaluation Assurance Level 3+ and higher.  
DataMaster Lab will shortly be releasing our own analyses of MFP security. 

As usual, we take a cold look at what the technical specifications can actually deliver in the real world - and interpret these for you who are actively involved in explaining what this stuff actually means.  
So you can actually tell the difference between machines - and which features will be important in which business environments.
We divide print security into three areas:
User Control
Making a user authenticate themselves at the machine means they know they are tracked.  Most print-related crime will stop as a result.  Requiring someone to pull their print job down at the machine will stop the theft of sensitive documents left in the output tray.  Other abuses such as printing for personal use, and scanning or copying sensitive materials will not happen is the print user knows they are being tracked.
Content Protection
Slightly more active, more complicated and more expensive:  the range of soft- and hardware measures which protect and encrypt data held on a copier and its connexions, and which actually prevent copying or printing of specified sensitive materials.
Device Security
Doomsday hack scenarios: this is where the brands are competing right now.  This is the high end, technically speaking - but not necessarily super expensive.  Specific hardware, firmware and software on the device, coupled with alerting systems and monitoring is particularly important for printers which are isolated and/or connected to mobile users. 
Just saying this again:  DO NOT open up wifi on your printer And connect it to the same cabled network that your accounts department is connected to, just in case James Bond - or Christian Slater - is in the car park with his tablet. 
The Protection Profile for Hardcopy Devices includes testing procedures for anti-tampering as regards firmware, but not for BIOS nor for any systems to detect intrusions in runtime environments.  There is simply no way a serious standards organization can keep up with the pace of technical developments in areas such as these.
So, whilst certificates are important, realistic and recent reviews are more important.

Watch this space! 
DataMaster Labs Security Evaluations are coming soon!

Datamaster Online (DMO) is a benchmarking portal: competitive information, analyses, evaluations, comparison tools, technical data, product strengths and weaknesses, TCO ... and much more.  An independent test lab.
To find out about DMO

03 Oct 2018  

01 Oct 2018  

11 Sep 2018  

11 Sep 2018  

06 Sep 2018  

06 Sep 2018  

04 Sep 2018  

29 Aug 2018  

24 Aug 2018  

27 Jul 2018  

09 Jul 2018  

02 Jul 2018  

18 Jun 2018  

12 Jun 2018  

28 May 2018  

25 May 2018  

03 May 2018  

20 Apr 2018  

20 Apr 2018  

04 Apr 2018  

26 Mar 2018  

26 Mar 2018  

26 Mar 2018  

20 Mar 2018  

16 Mar 2018  

15 Mar 2018  

02 Mar 2018  

15 Feb 2018  

17 Jan 2018  

12 Jan 2018  

List of linked news items, pages : 1    2    3    4    5    6    7    8    9    10    11    12    13    14    15    16    17    18    19   

access the Subscriber area

News structure
Konica Minolta to re-sell WEBJet continuous-feed inkjet presses
03 October 2018

Konica Minolta Business Solutions U.S.A., Inc. (Konica Minolta) today announced the launch of two continuous feed inkjet presses, the WEBJet 200D (...)

01 October 2018

11 September 2018

11 September 2018