Security FAQs (Frequently Asked Questions) for Service Calls


Security FAQs (Frequently Asked Questions) for Service Calls November 1, 2011

2011 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are trademarks of Xerox Corporation in the United States and/or other countries. Windows is a trademark of Microsoft Corporation. Printed in the United States of America. Changes and corrections will be periodically made to this document. Document Version: 1.0 (November 2011). THIS INFORMATION IS PROVIDED FOR INFORMATION PURPOSES ONLY. XEROX CORPORATION MAKES NO CLAIMS, PROMISES OR GUARANTEES ABOUT THE ACCURACY, COMPLETENESS, OR ADEQUACY OF THE INFORMATION CONTAINED IN THIS WHITE PAPER AND DISCLAIMS ALL LIABILITY CONCERNING THE INFORMATION AND/OR THE CONSEQUENCES OF ACTING ON ANY SUCH INFORMATION. PERFORMANCE OF THE PRODUCTS REFERENCED HEREIN IS EXCLUSIVELY SUBJECT TO THE APPLICABLE XEROX CORPORATION TERMS AND CONDITIONS OF SALE AND/OR LEASE. NOTHING STATED IN THIS WHITE PAPER CONSTITUTES THE ESTABLISHMENT OF ANY ADDITIONAL AGREEMENT OR BINDING OBLIGATIONS BETWEEN XEROX CORPORATION AND ANY THIRD PARTY.

1 Questions & Answers

Q1: What does Xerox do to assure that we hire and retain professional service technicians?

A1: Xerox has policies and practices to validate the trust we require of our employees. Employees are also required to annually receive training on, and acknowledge, the Xerox Code of Business Conduct, which can be reviewed on our website here: http://www.xerox.com/downloads/world/e/ethics_code_of_conduct_english.pdf

For customers with government contracts, some service technicians have obtained security clearances under the auspices of the United States Government's Office of Personnel Management. Fulfilling our customers' business requirements is a cornerstone business objective. To that end, Xerox works in partnership with our customers and employees to comply with additional security standards set forth by the customer.

Q2: Xerox service technicians carry service laptops which they connect to devices during service calls. How can I be sure the service laptops are safe?

A2: Service laptops carried by Xerox service technicians have a standard image with consistent Windows operating system and proprietary software applications to support device maintenance. The service laptop is a tool used by Xerox service technicians to view device settings, change non-volatile memory (NVM) settings, enable or disable device features, review device diagnostics, load software, test prints, and perform other troubleshooting tasks. These laptops are regularly updated with security patches and anti-virus signature files. Service technicians must log in to the service laptop with username and password. Data associated with Xerox proprietary service laptop applications is encrypted and cannot be accessed or copied without authorization codes. Some customers choose to run their own vulnerability scans on the service laptop as part of their security clearance process.

Q3: How are USB thumb drives used by the service technician?

A3: Service technicians may use thumb drives to load software on a Xerox print device. Policy requires technicians to use only USB thumb drives provided to them by Xerox. This helps to ensure that no malware is introduced to our products or the customer network environment. Xerox recognizes that some customers have strict policies regarding thumb drives that prohibit their use on site. In this case, the Xerox service technician can work with the customer's IT staff to download software from Xerox's secure internet-facing website to load the software on a customer-provided and authorized thumb drive. The United States Department of Defense has lifted the November 2008 ban on the use of thumb drives and instead provides strict guidelines for their use.

Q4: Is the software loaded on my print devices safe?

A4: Xerox service technicians may need to load software on a print device to restore functionality to default product specifications or to update software to meet unique customer performance requirements. Many print devices have obtained independent third-party Common Criteria certification for security features. Common Criteria certification provides independent, objective validation of the reliability, quality, and trustworthiness of IT products. It is a standard that customers can rely on to help them make informed decisions about their IT purchases. Common Criteria is also known as ISO 15408.

Several types of software release may be installed by a technician. General release software for products is downloaded from print device support pages on www.xerox.com. If Internet download is prohibited, then upon special request, Xerox can provide software on a thumb drive or CD. For walkup and desktop print devices, software releases that address specific customer issues or concerns (SPARs) are available from an internet-facing Xerox website secured by SSL, which requires the service technician to log in for access. Software SPARs or new releases for production equipment are normally installed by service technicians. Software upgrade files are typically encrypted and digitally signed to ensure they are from Xerox. Xerox maintains software over the life of the print device through a vulnerability management process described here: http://www.xerox.com/informationsecurity/information-security-articles-whitepapers/enus.html

Q5: Do service technicians update my print device for security bulletins?

A5: For walkup and desktop print devices, service technicians do not update a print device for a security bulletin as part of the service routine. Customers wishing to maintain print devices for security can sign up for an RSS feed at www.xerox.com/security to monitor announcements for security bulletins. If a software patch is recommended by the bulletin, the patch, installation options, and instructions are provided along with the bulletin. Xerox can provide a patch management service for products through a managed services offering. On production print devices, service technicians will install security software patches as part of a service call.

Q6: Do service technicians update the anti-virus signature files on my print device?

A6: This is not part of the service technician process, as most Xerox print devices do not require anti-virus software or signature file updates. For more information, please review this whitepaper: http://www.xerox.com/download/security/white-paper/12720f9-48c5f-49fa772ba2800/cert_Xerox_Products_and_Anti-Virus_Software.pdf

Q7: Do service technicians update my print device for General Release software which may be published to www.xerox.com?

A7: This is not part of the service technician process for walkup and desktop print devices. For large production print devices, service technicians may regularly update software to the most current General Release. Customers can check their Customer Expectation Documentation (CED) and/or contract to understand if the service is included for their print device. In order to provide continuing value to customers, Xerox may provide a General Release of software after a product is made commercially available. This software may be downloaded by customers from the print device support pages on www.xerox.com and includes installation instructions. Xerox can provide a software update service for products through a managed services offering.

Q8: My company prohibits service technicians from bringing service laptops on site. What are my options?

A8: Xerox recognizes that due to the sensitive nature of their business, some customers will not allow a Xerox service technician to carry a service laptop into their facility. In the case where the Xerox product cannot be serviced without a service laptop, an alternate solution becomes critical. Xerox provides a process to assist the customer to acquire a properly configured computer (laptop or desktop) and the appropriate diagnostic software required to service the Xerox product. The customer must acquire the hardware at its expense and the laptop/desktop will permanently reside at the customer's facility. Contact usa.pws.asset.admin@xerox.com for additional information.

Q9: Will the Xerox service technician connect his/her laptop to my network?

A9: During a service call, the service laptop is directly connected to the device through a dedicated service port or the network port of the device. If the network port is used, then the device is first disconnected from the customer network.

Often it is necessary to gather and review a trace of network communication between the Xerox print device and other network devices to troubleshoot issues. The service technician will work closely with the customer IT administrators as necessary to coordinate this activity. Typically, a hub is inserted between the print device and the network drop. The device and service laptop are connected to the network via the hub while the service laptop passively collects the communication exchange. Alternatively, the service technician can work with a network trace provided by the customer IT staff.

Q10: Can the Xerox service technician access image files on the print device?

A10: For walkup and desktop print devices, Xerox service technicians follow documented Standard Operating Procedures (SOPs) to connect to devices to access fault logs, configuration settings, and error codes to support troubleshooting. The SOP does not support access to image files on the device. Also, the service laptop does not have access to the encryption keys and cannot bypass the hard drive encryption available on many devices. On production print devices which utilize FreeFlow Print Server, service technicians who can log in with administrator permissions are able to preview job images. These images cannot be saved or downloaded to any storage device and are no longer available once the job has finished printing.

Q11: I'm not sure image overwrite or secure erase was successful. Can the service technician inspect the print device hard drive to validate that the images have been erased?

A11: Xerox Service technicians have no application software or SOP which supports viewing image files on hard drives for walkup and desktop print devices or browsing the directory structure. Customers may run a full on-demand image overwrite at any time if there is a concern over image data remaining on the hard drive. Many customers choose to schedule a full image overwrite on a daily or weekly basis as a back-up to the immediate image overwrite feature. On Production print devices which utilize FreeFlow Print Server, Service Technicians who can log in with administrator permissions are able to preview job images. These images cannot be saved or downloaded to any storage device and are no longer available once the job has finished printing.

Some product models generate a hardcopy confirmation report when an on-demand or scheduled image overwrite completes. Other models will record an event in the audit log when this feature has been enabled. Either approach will record success or failure. More information on data protection for Xerox products can be found here: www.xerox.com/harddrive.

Q12: I need to examine a hard drive on the print device to support a security concern. Can the Xerox service technician help?

A12: Xerox technicians are not trained or equipped to provide forensic service offerings. If a customer has security concerns regarding a hard drive, Xerox provides a Hard Drive Retention Offering to allow for purchase of the hard drive by the customer at a cost to the customer. The customer then may engage internal or third party forensics resources to inspect the hard drive.

Q13: Does the Xerox service technician save any information from the print device or about my environment on his/her laptop?

A13: During a service call, a Service technician does not store and/or transport any customer information without obtaining customer approvals. The Xerox Code of Conduct summarizes many Xerox policies for safeguarding and using customer information (page 10) and is published here: http://www.xerox.com/about-xerox/citizenship/ethics/enus.html. In the event that log files or other information must be shared with Xerox engineering teams to resolve a problem, Xerox will coordinate with customer resources to ensure that the information is appropriately handled in compliance with all applicable policies. On production print devices which utilize FreeFlow Print Server, Service Technicians who can log in with administrator permissions are able to open log files and capture diagnostic information and write it to removable media.

Q14: After a service call, some settings on the print device, including security related ones, have returned to factory default values. What happened?

A14: Xerox service technicians will attempt to print a hardcopy report of device configuration settings prior to servicing the device. However, this may not always be possible. In such cases, the Xerox service technician will restore functionality to the device in accordance with product manufacturing specifications. Certain service actions may cause all configuration settings on the print device to be reset to factory defaults.

Customers are encouraged to keep a record of the configuration settings for the device along with other asset information and provide a copy to the Xerox service technician. For many product models, customers can generate clone files which capture many configurable settings for a device. This clone file can be used by customer IT administrators to expedite the restoration of the device to the customer's selected settings. The clone files must be carefully managed and maintained by the customer as they are specific to a particular product model and software version. Xerox service technicians do not store or transport customer specific configuration settings, including clone files, as part of a service call on their service laptop.

After each service call, the customer should review settings on the device to ensure that settings are configured to support and comply with the customer's individual security policy. For customer convenience, Xerox provides (at an additional cost) a managed service offering to assist customers in deploying, monitoring, and maintaining devices for compliance to security policy.