Digital Photocopiers Loaded With Secrets - CBS Evening News - CBS News
What can we do about this bad press???????????
It makes the copier industry look like S@#T.
Digital Photocopiers Loaded With Secrets - CBS Evening News - CBS News
What can we do about this bad press???????????
It makes the copier industry look like S@#T.
Why do they call it common sense?
If it were common, wouldn't everyone have it?
That's quite a story! Well I know pretty much all colour machines have hdd's as standard equipment, but not all b&w machines do, even current ones.. but to say it's as easy as hitting print? Well maybe if you don't use due dilligence and don't delete your user boxes or equivalent. Even then.. to pull a hdd yeah it's not too hard. But not all hdd's are formatted to a standard that makes them "plug n play" and yes forensic data recovery tools are available to scan hdd's for "lost files". Jeez and if you have a copier in a sensitive location maybe you should get an encryption kit or even your "IT" department to at the very least get your copier company to format the hdd before it goes back to the lease company, or @ least inquire about it!! Wow... Nuff said.
Regards!
A.
The story does bring up a good point, I wonder how much of my information, as well as everyone else here, is going to the wholesalers.
Not many customers buy the security software or wipe the drives before we pickup their old machines.
The story puts the blame on the equipment, where the problem is with the user/key operator.
The HDD in most machines spools 10 jobs, then overwrites. Scanning when set correctly will delete the job.
Removable HDDs were an option in secure government facilities. The old analog machines in the same environment required the key operator/security individual to run 10 blank pieces of paper so there would be no latent image on the drum.
Far fetched but plausible.
Wouldn't it be the same persons job to secure the machine?
I am just saying the story was biased and wrong in blaming the machine.
Ultimately is is the user that should ask for it to be done.
We have been in the process of adding a disclaimer to our sales orders and also letting them initial the sales order declining the purchase of a Data Security Kit on applicable models. I guess it's time to finish that project.
Absolutely agreed!!
It's a two phased approach, IMHO.
Some of this goes back to the original sale. Most if not all vendors offer hard drive security options. Some will securely erase each job after printing, and there are options which will encrypt the drive. Some offer removable drives which can be removed nightly and stored securely.To keep the price down and to close the sale faster these options frequently either get downplayed or don't get mentioned at all.
On the service side, few dealers ever bring up the option of properly reformatting or even destroying the drive when the machine comes off lease or is otherwise traded in. While deleting mailboxes / stored documents is a step in the right direction, these files still exist on the drive and could be reconstructed using forensic software as mentioned in the article / video clip if no security measures have been taken.
The good news (kinda) is that these features can normally be added after a machine is already in place. The downside is just how the cost gets added into the lease - that part can be a nightmare.
And none of this even touches on machines that are in use, and implementing proper security measure on them. Things like shutting down unnecessary ports and protocols, along with changing default passwords are key to keeping a machine secure. Of course, when machines get too locked down, it makes our jobs nearly impossible sometimes to properly service the equipment. It's a delicate balance.
BTW... If your company offers a security whitepaper, make sure that you keep a copy (both paper and electronic) available at all times. Just as importantly, though, make sure that you at least mostly understand what it says, in case you run head first into a "tough" IT person. (Easier said than done, I know...)
I think that if enough decision making folks get a look at the news clip, we may be in for a bunch of customer calls.
“I think you should treat good friends like a fine wine. That’s why I keep mine locked up in the basement.” - Tim Hawkins
why dont they just remove the hard disk , install a new one before turning the machine comes off lease
a machine is only as good as your tech : source:screwtape ; the scary one
I don't know about any other Mfgr, but Ricoh stores data on the HDD raw - there is no recognizable data format (at least as far as any forensic software is concerned - they would be expecting a standard Microsoft or Mac file system and would not be able to piece much together) to recover data from. Ricoh also offers a Disk Overwrite Security System (DOSS) capable of doing a DOD compliant wipe and a removable HDD option for most machines if they're in a high security area. There are copy prevention systems that can recognize a secure print document and refuse to copy it. (of course all machines in the secured area have to have this feature or you could just walk over to another machine.) There are also user modes that allow a key operator to lock the user functions and also lock a tech out of service mode (we don't tell people about this for obvious reasons)
Its just a matter of the sales and service people having the right information to sell to a secure environment customer.
73 DE W5SSJ
I deal with Army contracts for Special OPS. They are using Bizhubs, and one reason is that we put em in with out hard drives. My guys say they have people who can open that Ricoh hard disc and get what they want. Ricoh has machines on base with hard drives, and I bet I can walk into a secured location, identify myself as the copy guy and walk out with one in my hand.
The greatest enemy of knowledge isn't ignorance, it is the illusion of knowledge. Stephen Hawking
It's really not bad press..........it's an opportunity to educate your customer base and to sell additional software safety or at the very least, a customer relations positive by telling and reminding customers of this potential liability and or charging extra at the end of lease or ownership to erase all hdd info. Copiers are no different than cell phones and computers, all store info.
I use to take care of a Strategic Air Command Base and some Tactical Air Command locations, you know, bombers and fighters. One location had a building called Threat Evaluation and Combat Surveillance......................... the stories I could tell........................but then I'd have to wipe out this entire website................
Bookmarks