Saturday 26 May 2018
News
archives

Print Security: Sharp Electronics MFPs first to achieve certification against common criteria   17 November 2017   


Sharp Electronics should be proud this week.  They are the first printer manufacturer to be awarded certificates for full compliance with the broad range of print security evaluations, common criteria pulled together in version 1.0 of the "Protection Profile for Hardcopy Devices." 

The ranges of machine to receive this certificate are the MX-2630N, MX-3050N/3550N/4050N/5050N/6050N, and the MX-3070N/3570N/4070N/5070N/6070N.  To fully conform to the definitions in the standard, a firmware update may be required.
 
Other manufacturers have been rightly praised in consultancy reports for bringing very secure machines to market, and many of them are working to certify compliance with the same common criteria as Sharp has.  Several laboratories are authorized to award these certificates, notably the USA's National Information Assurance Partnership (NIAP) and Japan's International Technology Promotion Agency (IPA).  There are seven levels to attain, and Ricoh, Konica Minolta, Kyocera, HP Inc., Toshiba and Canon all have certified machines and others in testing for Evaluation Assurance Level 3+ and higher.  
 
DataMaster Lab will shortly be releasing our own analyses of MFP security. 

As usual, we take a cold look at what the technical specifications can actually deliver in the real world - and interpret these for you who are actively involved in explaining what this stuff actually means.  
So you can actually tell the difference between machines - and which features will be important in which business environments.
 
We divide print security into three areas:
 
User Control
Making a user authenticate themselves at the machine means they know they are tracked.  Most print-related crime will stop as a result.  Requiring someone to pull their print job down at the machine will stop the theft of sensitive documents left in the output tray.  Other abuses such as printing for personal use, and scanning or copying sensitive materials will not happen is the print user knows they are being tracked.
 
Content Protection
Slightly more active, more complicated and more expensive:  the range of soft- and hardware measures which protect and encrypt data held on a copier and its connexions, and which actually prevent copying or printing of specified sensitive materials.
 
Device Security
Doomsday hack scenarios: this is where the brands are competing right now.  This is the high end, technically speaking - but not necessarily super expensive.  Specific hardware, firmware and software on the device, coupled with alerting systems and monitoring is particularly important for printers which are isolated and/or connected to mobile users. 
Just saying this again:  DO NOT open up wifi on your printer And connect it to the same cabled network that your accounts department is connected to, just in case James Bond - or Christian Slater - is in the car park with his tablet. 
 
The Protection Profile for Hardcopy Devices includes testing procedures for anti-tampering as regards firmware, but not for BIOS nor for any systems to detect intrusions in runtime environments.  There is simply no way a serious standards organization can keep up with the pace of technical developments in areas such as these.
 
So, whilst certificates are important, realistic and recent reviews are more important.

Watch this space! 
DataMaster Labs Security Evaluations are coming soon!




Datamaster Online (DMO) is a benchmarking portal: competitive information, analyses, evaluations, comparison tools, technical data, product strengths and weaknesses, TCO ... and much more.  An independent test lab.
To find out about DMO


03 May 2018  

20 Apr 2018  

20 Apr 2018  

04 Apr 2018  

26 Mar 2018  

26 Mar 2018  

26 Mar 2018  

20 Mar 2018  

16 Mar 2018  

15 Mar 2018  

02 Mar 2018  

15 Feb 2018  

17 Jan 2018  

12 Jan 2018  

04 Jan 2018  

06 Dec 2017  

29 Nov 2017  

20 Nov 2017  

17 Nov 2017  

17 Nov 2017  

17 Nov 2017  

03 Nov 2017  

02 Nov 2017  

04 Oct 2017  

29 Sep 2017  

29 Sep 2017  

27 Sep 2017  

11 Sep 2017  

11 Sep 2017  

29 Aug 2017  

List of linked news items, pages : 1    2    3    4    5    6    7    8    9    10    11    12    13    14    15    16    17    18   

access the Subscriber area

News structure
Ricoh Pro C9200 Graphic Arts edition: improved pre-press performance
03 May 2018

Increase revenue, reduce operating costs and thereby grow: the new range of Ricoh Pro C9200 Graphic Arts edition sheet-fed digital color printers  (...)

20 April 2018


20 April 2018


04 April 2018

LinkedinTwitterViadeo
structure