Digital Copier Security: Is There a Thief in Your Copy Room? Article One
June 5th, 2010 by admin under Multifunction Printer MFP. 6 Comments.
Summary:
Multifunction printers and copiers (MFP’s) are indispensable office tools that can print, copy, scan and email. However, most MFP’s hide a dirty little secret: they can also store thousands of documents containing your data and it may not be secure.
An MFP is essentially a computer complete with one or more hard drives that store thousands of images; scans, copies, prints or emails that the device handled. It’s already a security risk left standing alone in your copy room or hallway. However, when you finally upgrade and after your old device leaves your building, the hard drive can be taken out, scanned and the documents you copied, printed, and emailed can be recovered and stolen.
How significant is the security risk?
- Each month, between 50 and 100 thousand MFP’s come off-lease and they are typically shipped to warehouses across the country for resale.
- Almost all of the devices now coming off-lease were manufactured prior to 2008 when security features like data encryption were not typically added to protect the images stored in their hard drives.
- Up to 85 percent of devices manufactured after 2007 still may not have the available security encryption option installed or the option is not turned on.
- An individual machine can contain up to five hard drives.
- Depending on their capacity, the hard drives can store thousands of your copies, faxes, prints, scans and emails.
- If you remove the hard drives in an attempt to secure your data before return, the machine will not be functional and you may be liable for the remaining buyout value of the machines, in most cases, thousands of dollars.
- Other sensitive data can be found in the machine’s RAM. (random access memory)
- The RAM can contain your network structure and settings, administrative email addresses, fax numbers and local address books.
- A recent sampling of four devices bought from a lease return warehouse netted thousands of unsecured documents containing medical and legal records, copied checks as well as social security numbers, names and addresses.
Bottom line:
Trade-in or sell an MFP with no security at lease-end and you are placing sensitive information in harm’s way. For more information see the stunning CBS investigation (about 5 mins) that ran last month.
Upcoming Articles:
2. What happens to your MFP once it leaves your building?
3. Separating fact from fiction.
4. What are manufacturers doing to correct the problem?
5. What can you do to protect your organization?
Want immediate help? Contact DocuSense at 1-800-422-0080 or Digital Copier Security at 1-530.672.9300
Any comments or information about this article are welcome!
Nancy Mullin on June 9th, 2010
Thank you for this great article! This issue has been getting a lot of news coverage recently and it is hard to believe that businesses are not taking the extra precautions to make sure their confidential data doesn’t get into the hands of the wrong people. We are writing an upcoming article on this same subject on our Payroll & Business Experts blog… http://www.blog.primepay.com and will definitely be linking back to your article! Thanks again.