Sharp Data Privacy User Manual

SOFTWARE REQUIREMENTS
Microsoft IIS Microsoft .NET framework 3.5 (or above) SQL Server software IIS Services
MFP REQUIREMENTS
Microsoft IIS Microsoft .NET framework 3.5 (or above) SQL Server software IIS Services
SUPPORTED OS
Sharp OSA 3.5 (or above) enabled MFP MX-AMX3 and/or MX-AMX2 Can support up to 100 concurrent MFPs
WELCOME TO SHARP
Security Solutions
Sharp has been manufacturing fast, reliable printers and MFPs - and devising new, more productive ways of managing documents - for decades. Many have won awards from respected independent research establishments. All have delivered class-leading performance, often transforming productivity in the workplace.
Sharp is a truly global company with local representation in all major countries. And our expertise now extends far beyond the realm of office printing. Today we address the needs of the whole enterprise, with innovations in LCDs, laser diodes, flash memory, solar cells, plasmacluster air purifiers, and projectors, to name just a few.
POWERFUL PROTECTION FOR YOUR INFORMATION ASSETS
We take security seriously /This is Why we’re proud to put our name behind it.
MFPs can pose a security risk /This is Why we close the loopholes.
Take a moment to think about what people can use MFPs for. They can scan and copy documents
- any documents - in seconds. Then copy them to an easily concealed USB memory stick. Or distribute them via email and fax to destinations unknown. But that’s not the worst of it. There are network security issues, too.
Understanding your responsibilities
Your company is legally responsible for the security of the data that it holds, including employee records, customer information, account data, commercial information and sometimes much more.
The good news is that MFPs - a potential weak spot in data and network security - can be secured even against sustained and determined attacks with solutions from the Sharp Security Suite.
Some of these solutions are standard on all Sharp MFPs and others are optional. But they all share the same objective: to keep you safe by closing security loopholes.
2
Attacks, accidents and weak spots: three avoidable risks
MFPs can be susceptible to attacks through open fax lines, non-secure Network Interface Cards (NICs) and a lack of network port security.
Unsecured ports can be exploited, system settings changed, unauthorised user accounts created, and information examined or stolen. MFPs can also be subject to denial of service attacks. And they can even be used to gather information in preparation for other attacks against your network.
Of course, data can be intercepted by accident, too. Documents can be left in the MFPs output tray, where they can be innocently read by your colleagues or perhaps mixed up with other jobs and taken away.
Other security weak spots include the MFP’s ability to distribute information by fax, email or memory stick, the covert copying of sensitive material, and walk-up access to documents on the hard drive.
The Sharp Security Suite can help protect you from these possibilities by providing multiple levels of security across five interconnected areas:
• User access and document control
• Audit trails
• Document safeguards
• Data security
• Extra protection for networks
3
Your MFP is an information factory
/This is Why we provide tough data security.
User access control
The first step in securing an MFP is to restrict who has access to it and what they can use it for. You don’t have to make every function available to every user.
The Sharp Security Suite controls walk-up access by authenticating the user with a password. And we restrict network access with swipecards or a username/password combination authenticated against an LDAP or Active Directory Server. All user credentials are communicated to the MFP using a combination of secure protocols to help avoid interception.
Audit trails
Sharp MFPs can use an internal job log or third party software to provide a full audit trail that logs the identity of each operator, the time of use, and details of the specific functions that were performed. In addition, when documents are scanned to email, the operator’s email address is automatically added to the “from” field.
Document control
Document Control* prevents unwanted copying and scanning. Sharp colour MFPs can add a pattern to documents which, although barely visible to the naked eye, will subsequently be detected by the scanner. If an MFP* detects the pattern it cancels the job or prints out a blank page.
Copy protected
Embeds copy prevention data onto the document when it is first copied or printed
Recognises an unauthorised attempt to make a copy
The scan-to-email and fax functions can also be restricted to pre-approved addresses only, to prevent documents being sent to unknown recipients.
* Requires optional Data Security Kit. Please contact your local Sharp representative for a list of compatible MFPs.
4
Job is cancelled
COPY PREVENTION WITH DOCUMENT CONTROL
Document safeguards
Data security
It makes sense to encrypt sensitive documents as a matter of routine. Suitable for all scanning operations, Sharp’s Encrypted PDF* function uses RSA technology to encrypt and password-protect the file before it is sent or stored. The file cannot be viewed without the correct password.
An additional layer of security is provided in the data stream. Secure Sockets Layer (SSL) encrypts information as it flows across the network to the MFP, protecting documents in the print queue.
Our Hidden Pattern Print* feature mitigates accidents, too. If an attempt is made to copy a restricted document - even on non-Sharp MFPs and copiers - the subsequent duplicates will bear a prominent watermark, such as ‘CONFIDENTIAL’, prompting the user to destroy them.
Many Sharp MFPs are equipped with a Data Initialisation* feature. This protects your privacy by removing all data from the internal hard drive when it’s time to replace your MFP.
For even greater data security, add our optional Data Security Kit*, which was the industry’s first Common Criteria certified solution of its type. An Advanced Encryption Standard algorithm is applied to all data as it is written to the hard disk, RAM or Flash memory, helping to prevent successful attacks.
The Data Security Kit also eliminates residual data by overwriting it up to seven times with a series of random values. You can do this in three ways: automatically on power up; automatically after each print, copy, fax or scan operation; or on demand.
*Please contact your local Sharp representative for a list of compatible MFPs.
5
Highly classified information needs special protection
/This is Why we help you cover all the angles.
If your company handles information which could make you the target for a skilled criminal hacker
- such as credit card data - you need to take all necessary steps to eliminate security weak spots. An obvious step - but one that is often overlooked - is to isolate the fax line.
We’ve designed our MFPs in such a way that the fax modem controller is physically separate from the other controllers and cannot run any external code. And not only is the fax system independent, but it will only respond to genuine fax transmission protocols.
Network protection
Sharp MFPs are equipped with an intelligent network interface that provides a secure firewall to each MFP, preventing unauthorised access to configuration and network settings. Access can be controlled at three levels:
• IP address filtering, which limits access to a select number of predefined addresses
• MAC address filtering, which limits access to specific devices regardless of their IP address
• TCP/IP services blocking, which blocks specific communications protocols and gives administrators the ability to close selected ports.
Communication to and from the MFP can also be protected with Secure Sockets Layer (SSL) for secure transmission across the network, and most devices* support protocols such as IPsec and SNMPv3. In addition, many recent Sharp MFPs* also support IEEE802.1X, which helps maintain a high level of security by allowing the MFP to connect to a secure customer network.
PORT CONTROL
*Please contact your local Sharp representative for a list of compatible MFPs.
6
About Common Criteria validation
The world’s first and highest rated MFPs
Common Criteria is an international standards evaluation programme that was introduced to validate the Information Assurance claims of manufacturers through standards such as ISO 15408, a set of evaluation standards for security products and systems established by the Common Criteria.
Common Criteria evaluations range from Evaluation Assurance Level (EAL) 1 to 7 with EAL 1 to 4 being most relevant for commercial security products.
Sharp was the world’s first MFP manufacturer to achieve Common Criteria certification and was also the first to receive EAL 4 for a data security kit. Today, Sharp continues to be regarded as one of the industry’s greatest security innovators with businesses and government agencies around the world depending on Sharp to keep their confidential data safe from unauthorised access.
MX-FRX8 Ver. M.10
MX-FRX9 Ver. M.10
MX-FR13 Ver. C.10
MX-FR14 Ver. C.10
MX-FR15 Ver. C.10
MX-FR22 Ver. C.10
7
WELCOME TO SHARP
Sharp has been manufacturing fast, reliable printers and MFPs - and devising new, more productive ways of managing documents - for decades. Many have won awards from respected independent research establishments. All have delivered class-leading performance, often transforming productivity in the workplace.
Sharp is a truly global company with local representation in all major countries. And our expertise now extends far beyond the realm of office printing. Today we address the needs of the whole enterprise, with innovations in LCDs, laser diodes, flash memory, solar cells, plasmacluster air purifiers, and projectors, to name just a few.
Design and specifications are subject to change without prior notice. All information was correct at time of print. Windows, Windows Server, and W indows Vista are registered trademarks of Microsoft Corporation in the United States and/or other countries. All other company names, product names and logotypes are trademarks or registered trademarks of their respective owners. © Sharp Corporation 2011 Ref. Security Solutions brochure. January 2012. All trademarks acknowledged. E&OE.
NOTES
www.sharp.eu
Loading...