Your information. Our solutions. A secure combination. Secure solutions for secure business. ricoh-europe.com/securitymatters
Your security. Our priority.

We appreciate that your business information is a primary asset. If sensitive details end up in the wrong hands, the risks to your profitability and image are unacceptable. As much information exists within paper or electronic documents, it is vital that this information is protected. Our solutions are designed to effectively integrate with your existing security infrastructure, policies and procedures. These can be tailored to exactly match your needs. And naturally, all information is treated with the strictest confidence. We have identified five key areas that you need to consider as a priority.
Document Processes & Protection

Throughout their entire lifecycle documents need protection. From capture, store and manage to output, distribution and even scheduled destruction, the core principles of confidentiality, integrity and accessibility are critical to the management of your information capital. We help keep documents safe and secure throughout every stage of the process from secure scanning, document management and retention to secure printing, controlled accessibility and sharing of information.

User Identification & Authentication

Authentication and Administration work seamlessly together so that only the right people can access the right information. By using options such as passwords, ID cards or biometric identification, unauthorised access can be denied to those who are not permitted, keeping your information capital safe and secure.

Systems Configuration & Devices

Providing a secure environment for storage of information capital and its authorised usage is a key driver in the development of our products and their operating systems. Our latest devices come equipped with proprietary software to protect data against opportunistic or targeted threats. Even at the end of a device's life, we offer services to protect information.

We offer protection to ensure that information cannot be stolen, modified or falsified and then re-inserted back into your network. Our range of solutions and tools allow you to encrypt network communications, quickly disable all ports that are not used and control safe client address lists to prevent hackers and other malicious parties from gaining access.

A range of tools can help manage the security of your environment. Logs of activities such as authentication attempts and setting changes are recorded to enable auditing for security-related events. Management tools with customisable reporting can provide visibility of many actions executed on our devices. These provide a traceable record of print, copy and fax activity by device, user, workgroup or project. This allows more effective security as well as cost management.
Security Matters

Knowledge and information have a value. At Ricoh, we call it your Information Capital. It is an essential driver for all business. It gives competitive advantage. Yet your business information is subject to increasing threats in this digital age.

An open safe

Modern technology has opened up an area of considerable concern in data security. To give just one example, since 2002 nearly every digital copier device in the industry has been built with hard drives. These are essential for the production process and efficient operation. However, they can store a latent image of processing data as well as address data and documents intentionally stored for printing on demand. Without effective management, they can present a possible weakness rather like leaving an office safe open with highly sensitive data such as personal customer data, employee records, business plans and strategies inside. This could be an issue, especially when the copier eventually leaves your site.
How companies are vulnerable

95 pages of pay stubs with names, addresses and social security numbers. 300 pages of individual medical records. These are a fraction of the tens of thousands of documents downloaded from previously leased copiers. As highlighted by the controversial report on CBS News in April 2010, the extraction of data is not only a great deal easier than many of us may think but is also an emerging trend throughout the world which unnecessarily exposes companies to risk.

Coupled with this there are regulatory and legal requirements to protect sensitive information. However, independent research* shows that in some businesses, such data remains unprotected. Although there is a high awareness of risks to document security, just 47%^ of European business leaders are able to confirm that they have a policy in place to control the printing of customer information. This makes companies more vulnerable to security breaches, whether accidental or intentional, through people or groups, both internal and external to the business environment.

* Coleman Parkes Research Ltd, 2009 Ricoh Document Governance Survey
^ Average across Financial Services, Professional Services, Public Sector and Telecoms/Utilities/Media
Business Impact

There have been several well publicised examples across Europe where sensitive information such as health records, bank details and even classified government documents have been lost without any security to protect the data. Besides impacting a company's reputation, security breaches can be costly.

In the motor racing industry, a 780-page document containing technical information about Ferrari's F1 car was found in possession of a McLaren designer. The sport's governing body considered the effect to Ferrari's competitive advantage was so damaging that McLaren was heavily fined and stripped of its championship points for the season.

In 2011, an employee of York City Council in England sent out sensitive information wrongly collected from a shared printer. The Council has been penalised by the Information Commissioner's Office (ICO) for breaching the Data Protection Act. Following an investigation the ICO found there was a lack of quality control and management supervision. As a result, the Council has had to sign an undertaking to ensure no personal data is printed when unnecessary and introduce new quality control checks when documents are being sent out as well.
If confidential information is leaked it can impact your business via:

- Intellectual Property Rights: Loss of business investment in Research and Development
- Customer Information: Personal information is protected by legislation. Fines can be imposed if regulations are not met
- Commercial Information: Commercial advantage can be lost if sensitive or confidential information is leaked
- Third-party information: Information handled through outsourcing activities. Customers can lose trust and confidence in the outsourcer and may resort to financial compensation
Thought Leadership

In 2004, we gained ISO 27001 worldwide certification for Information Security Management.

The issue of security is not a new trend for Ricoh. We have always taken a consistent and global approach to secure information - for ourselves as well as for our customers. In 2004, we gained ISO 27001 worldwide certification for our head office and manufacturing sites (which over the following years was extended for all our individual sites). This is a credential of trust because to us the trust of our customers is essential to forming long-term partnerships.

Our thought-leadership is clearly demonstrated right from the earliest stages of the design of our hardware and software. In fact, in 2002, we were the first to receive ISO/IEC 15408 certification for a digital multifunctional product. Now our latest devices have obtained Common Criteria certification conforming to IEEE 2600.1, an international standard for IT security products.
Defining the measures

We have developed a portfolio to help organisations manage and protect Confidentiality, Integrity and Availability of information. By implementing security measures, businesses can monitor office equipment and safeguard against information leaks and loss.

Safeguarding your interests

Our consultants also work with customers to identify solutions, services and define policies which balance security and management with the need for flexibility and efficiency. By creating a secure infrastructure that evolves as technology advances, your business is armed with a reassuring combination of confidence and confidentiality.
Document Processes & Protection

Keeping your sensitive information secure.

Do you have concerns that sensitive paper documents can be mislaid or not easily accessed by those who need them? Are your prints ever picked up by someone else by mistake? How do you ensure that electronic documents are not intercepted and possibly tampered with or information is not mislaid?

Given the potential risks to your information capital, it follows that from paper-based to electronic, documents need protection throughout their entire lifecycle. During every stage of the document process, from capture, store and manage to output, distribution and scheduled destruction, the core principles of confidentiality, integrity and accessibility are critical.

We can provide solutions so that only the right people can access the right information. For example, paper documents can be scanned and converted to secure electronic files and stored in a central database. Here they can be protected with access control but still be easily searchable and accessible to authorised users with powerful search and retrieval tools. To further improve authenticity and integrity, digital signatures can be added to documents before users exchange them electronically. The sharing of information can be controlled by managing distribution destinations such as the sending of scanned documents to predetermined folders, scan to me, redaction of sensitive information and secure printing. Improved processes like these help increase efficiency as well as ensuring that your business has complete control over the management of its documents.
Document Processes & Protection - Secure Conversion

Objective:
- Protect sensitive information in line with company security policies/adhere to regulations such as data protection laws
- Merging vulnerable paper documents into secure electronic workflow
- Enabling accessibility of authorised users to paper and electronic documents

- Problem ensuring all the right people have access to documents, both paper and electronic
- Difficulty in auditing who has access to paper documents
- ISO 12.5.4 Information leakage (risk clause ISO27002)
- Unauthorised viewing or tampering of sensitive documents
- Paper documents could be mislaid in distribution or duplicate copies exist

- Our intuitive MFP displays provide simple access to workflows for document scanning and distribution
- Only authorised users can access MFP functions such as scanning, and send to destinations that can be pre-defined by an administrator
- Users can also create password protected PDFs from scanned documents - allows them to set security controls for recipient's viewing, editing/printing
- To improve document integrity, scanned documents can be previewed on a Ricoh MFP before sending. Plus a digital signature can be added, ensuring information has not been altered since it was sent by confirming that a document scanned on the MFP is intact. Digital signatures also verify the identity of the creator
- Paper documents can be scanned and electronic documents captured to be routed directly into a Document Management System. In the DMS they can be protected with access controls but are also easily searchable and accessible to authorised users
- To help with document classification metadata can be added at Ricoh MFPs or the desktop; for fast retrieval, documents are organised into searchable and well-structured electronic formats; full or zonal Optical Character Recognition (OCR) permits indexing capability for reduced manual administration
- Encryption over SSL (Secure Sockets Layer) uses a private key to encrypt data scanned from Ricoh MFPs to server using secure connection
Document Processes & Protection - Electronic Document Management

Objective: To ensure data availability, confidentiality and integrity
- Information made available when needed. Seamless integration of storage and document processing with security controls

- Documents are mislaid or inaccessible either in manual paper processes or locally stored electronic files
- Unauthorised access to documents and information
- Tampering or undetected modification of documents

We provide solutions to capture and index paper and electronic documents and route into centralised electronic storage with powerful management capabilities.

Availability:
- Full integration with Ricoh MFPs enables easy selection and scanning directly into the appropriate business process folder
- Electronic folder structures are created for a trusted archive which stores hundreds of document types. Powerful search capabilities give fast access for finding a file or information within a file within seconds
- Company documents are centrally available and the information capital is protected so should an individual employee leave, it remains accessible

Confidentiality:
- Safeguards information with role-based access control
- Allows assignment of granular and fully customisable security permissions. Security models can be defined for user roles, groups or individual databases
- Roles can be tightly integrated to an Active Directory/LDAP to simplify the user experience while keeping information secure. (Requires server options)

Data Integrity:
- Manages changes and aids compliance by ensuring information accuracy with audit/logging trails and check-in/out
- Version Control with server options. Ensures data cannot be modified undetectably
- Shows which document is the latest or published version
- Prevents unauthorised overwriting or changes to documents
- Records management features enable tasks such as an automatic date expiration which allows you to set the length of time files are to be kept before they are required to be automatically destroyed in line with regulations or policies
- Browser-based access can be restricted to read only access
Document Processes & Protection - Document Integrity

Assuring Integrity of Documents

Objective: Provide solutions to ensure confidence that a document has not been tampered with and is as sent originally

- Information in a file is altered after it was originally sent
- Mistakes can be made when manually Bates Stamping onto paper in this time-consuming process

Digital Signature:
- To improve document authenticity and integrity, users can add a digital signature to PDF documents. A digital signature can be added to documents at a Ricoh MFP or, for electronic documents, on a desktop
- The signature gives assurance that information hasn't been altered since sent. It also verifies the signer's digital identity
- Digital signatures are now accepted by law in many countries
- The document version history lets recipients see when the document was signed and see when any changes were made. This history is encrypted and stored inside the PDF and can be viewed via the signatures pane
- A certificate creation tool is also available; this allows the user to create a digital certificate for digital signature via Ricoh MFPs
- If scanning original documents and applying the digital signature are both done by a Ricoh MFP at the same time, it helps prevent the scanned document being changed unintentionally before signing, or being signed by an unscrupulous person

Bates Stamping:
- Is a widely respected and often key requirement in legal, medical and business areas
- Users can automatically apply Bates Stamps to electronic documents from their desktop to uniquely label and identify each page of a PDF
- The stamp appears as a header or footer on specified pages and can contain additional information
- Bates Stamps and Page Numbering can be applied in manual or batch mode with flexibility in location, structure and sequencing

PDF Watermarks:
- These can be added from a desktop even if they didn't exist in the original - to include ISMS information security level, for example
Document Processes & Protection - PDF/A for File Preservation

Objective:
- The long-term preservation of electronic documents for confidence in archiving and Document Management
- Ensure that those documents will be able to be retrieved and rendered with a consistent and predictable result in the future

- With different tools and systems used to create, store and render files, there is a danger files are not displayed in the same way over time
- Need to electronically archive documents in a way that will ensure preservation of their contents over an extended time period

- ISO 19005-1 defines a file format based on PDF, known as PDF/A, which provides a mechanism for representing electronic documents in a manner that preserves their visual appearance over time, independent of the tools and systems used for creating, storing or rendering the files
- The standard ensures documents can be exactly reproduced for years to come
- We provide methods of scanning direct to PDF/A via Ricoh MFPs or converting different electronic file formats to PDF/A on a desktop
- PDF/A is a subset of PDF which leaves out features not suited to long-term archiving. This requires that the PDF/A documents are 100% self-contained with everything necessary for displaying the document the same every time, embedded in the file
- A PDF/A is not reliant on information from other sources such as font programmes and hyperlinks
Document Processes & Protection - Secure Printing

Objective:
- Maintain confidentiality by suspending document printing until the authorised user identifies themselves at the device by authenticating
- Secure print data while in transit, during process and while stored on the device

- Hard copy documents uncollected by users left in output trays. Anyone passing by can browse through or remove prints left on the output tray
- Users having to rush across the office to retrieve a sensitive document
- Falls under the following Standard control clauses (ISO27002):
  - 10.7.1 Management of removable media
  - 10.8.1 Information exchange policies and procedures
  - 11.3.3 Clear desk and clear screen policy
- Print data can be intercepted in transit, during process and while stored on the device

- Access to Ricoh printers and MFPs can be controlled so that users have to authenticate at the device in order to release their prints
- Ricoh has a number of different authentication methods from a simple PIN, username and password, or with an ID card - even using existing entrance access card infrastructure
- Simplest device based functionality selected in the driver; user authenticates by entering a password or PIN (Personal Identification Number) at the device control panel. Print jobs can be deleted from the server if not collected by a certain time. (Requires a hard drive)
  - The password used for locked printing can be encrypted to protect against wiretapping
- For increased flexibility, alongside secure printing, other server and server-less solutions offer all the benefits of shared centralised MFPs or printers without compromising document security:
  - Print jobs can be released by the authorised person from a choice of more than one device, or even any device on the network
  - User manages own print queue and can delete unwanted material
  - Queue automatically deleted if not collected e.g. after 24 hours
  - Documents stored on the printer are encrypted so information cannot be compromised if hard drive leaves the site
- When integrated with card authentication, users simply swipe an ID card instead of remembering a password which may be disclosed to others
- For a higher level of security, users may have to swipe a card, in addition to using a password before their print is released
- Mask Print information: Authenticated users can only view their own Spool Printing list, printer job history, and error log; other users' information will be masked using asterisks ( **** )
  - When User Authentication is not enabled, it is possible to view the list of Locked Print documents created by all users, however all filenames are displayed as asterisks ( **** )
  - When User Authentication is enabled, the user cannot view any information on this list until authenticated. However, even after successfully logging in, the user can only view a list of his or her own Locked Print documents (the filenames for which are displayed as is, without asterisks)
- Print data can be encrypted while in transit using SSL
- Secure print data during processing:
  - Only unique Ricoh protocols are used for the exchange of data internally within the device; this prevents illegal access to any program or data
  - Each MFP function runs as an independent process preventing illegal access to networks and internal programs from an outside line
- Print data can be encrypted while it's stored in the device using 256 bit Advanced Encryption Standard
Document Processes & Protection - Copy Data Security

Objective: Control unauthorised copying by embedding patterns which grey the document to prevent duplication on other MFPs

- An illegal attempt is made to copy a document

- Unauthorised Copy Control is a unique Ricoh feature. It embeds patterns and text under printed text, eliminating the risk of unauthorised copying of sensitive documents
- It consists of two functions:
  - Mask Type for Copying* embeds a masking pattern and message within the original printout. If copies are made on Ricoh or non-Ricoh devices the embedded message appears; the author's name would, for example, help identify the originator
  - Data Security for Copying - when printing on a Ricoh MFP, if this feature is selected in the driver, all copies made of the original on a Ricoh MFP+ will be greyed out

* Some digital MFPs may not detect masking patterns
+ Requires Copy Data Security Unit. Not supported on some fax-enabled configurations. Scanner feature must be deactivated on some scan-enabled configurations. Copy reduction ratio less than 50% will be deactivated
Document Processes & Protection - Watermarking

Objective: Add an additional layer of visible security that highlights the sensitivity of a document

- Unclear if a distributed document is a draft or confidential, therefore may not be treated with the right level of sensitivity

- Watermarking driver setting
- Allows user to simply add a message behind the text of a document
- Words such as "draft" or "confidential" can be used, for example, in accordance with the security policies of the company
Document Processes & Protection - Archiving Print Jobs

Objective: Ensure that documents produced are readable for at least one hundred years

- Paper documents degrade and become illegible over time

- Ricoh devices meet the archiving requirement so that documents produced by these devices are readable for at least one hundred years
- Toner adhesion meets ISO 11798
Document Processes & Protection - Control Scan/Fax Destinations

Objective: Regulate access to scanning functions in order to control distribution of confidential documents

- Non-authorised users attempt to scan or fax documents, for example, trying to send leaked documents outside of the company to a competitor

- Control destinations for documents that are scanned or faxed. Delivers documents directly into a document workflow from a Ricoh MFP e.g. to pre-set email addresses or folders
- Easy to use interface on the MFP decreases human error with icon-driven select and go scanning process
- When used in conjunction with authentication methods administrators can even create workflows and predefine destinations for a user's documents e.g.:
  - Scan to me: scanned documents are automatically forwarded via SMTP to the email address of an authenticated user; this address needs to be looked up in LDAP, and the SMTP server can be configured centrally
  - Files are sent as attachment in MIME coded email message
- Reporting and tracking of distribution activities provides an audit trail
- For those organisations in certain environments who must be able to provide evidence of all data processed, there is an optional feature to store and archive all documents processed on the device for audit and accountability purposes
Document Processes & Protection - Secure PDF Sharing

Objective:
- Ensure that only the right people can access certain information
- Protect PDF documents with password and/or permissions control for secure sharing and archiving

- Information getting into the wrong hands
- Even documents marked with ISMS security classifications can be ignored by malicious actions or subject to human error
- There are high profile examples of documents marked highly confidential being widely circulated - even appearing in newspapers

- We can provide software to protect sensitive information with PDF creation that works alongside any organisation's security policies
- PDFs are encrypted while in transit using SSL
- Users can also set passwords on PDF files with 128-bit secure encryption requiring others to know the password in order to view, edit or print them
- Users can set the security level of their PDF files directly from Ricoh MFPs or protect electronic files via their desktop with drag and drop ease
- There are two types of password:
  - Open Password restricts document accessibility - can only be opened by supplying the password when prompted
  - Permissions Password allows users to define how a document is used or modified - provides options to control/disable printing or editing
- Digital signing of PDFs to confirm authenticity and integrity
- Users can additionally send multiple files in their original formats in an encrypted PDF envelope from their desktops
Document Processes & Protection - Faxing Security

Objective: A range of solutions to prevent unauthorised user access or tapping of phone/fax lines

- Unauthorised access to a corporate network via fax line
- Illegal tapping of phone lines
- Unauthorised use/abuse of fax

- If an initial connection is established with a terminal that does not use G3 or G4 protocols, the MFP will view this as a communication failure and terminate the connection. This prevents access to internal networks via telecommunications lines and ensures that no illegal data can be introduced via these lines
- Restricted access: Requires authorised user code - keeps device usage under firm control and deters passers-by from using it. Can be linked to the Night Timer feature to prevent after-hours access
- Network limits access to the fax systems, increasing security by monitoring usage. Access is restricted to users with a Windows domain controller account
- Server limits access to fax system for scan to email as well as standard faxing, IP faxing and LAN faxing
- Security PIN Code Protection. To prevent exposure of a PIN Code or Personal ID, any character after a certain position in the destination's dial number is concealed in the display and Communications Report
- Closed Network checks the ID codes of the communicating machines. If they are not identical communication is terminated. This prevents potentially sensitive information being transmitted, intentionally or accidentally, to the wrong location. (Requires Ricoh fax systems with closed network capacity)
- Confidential Transmission/Reception enables user to transmit to/receive a passcode-protected mailbox. Messages are only printed after recipient enters correct passcode, providing an enhanced level of security
- Memory Lock retains documents from all or specific senders in the memory. When the Memory Lock ID is entered, the document prints; again, this prevents documents sitting on the receive tray for anyone passing to read
- Fax to email: a sub-address attached to a fax number allows a fax to be routed direct to recipient's e-mail on a PC. Maintains confidentiality as only the recipient can view the message
Document Processes & Protection - Removal of Confidential Text

Objective:
- The blacking out/redaction of confidential text
- Removal of sensitive information prior to release or publication
- To adhere to industry regulations and Data Protection Policies

- Documents distributed with sensitive details included
- Time-consuming searching and marking of documents by hand with chance of human error

In business and law, a document can have certain parts redacted, involving the removal of sensitive names and details. For example, a court may order that the names of signatories of a petition be redacted to protect their identity. Typically, it has been performed manually; however, we offer an automated solution.

- Users can redact PDF Normal and Text Searchable PDFs at the desktop using powerful search and redact features. These automatically search documents for specified words then remove information with options to also remove any metadata associated with it
- Redaction codes or text can be placed over the removed information to indicate why the information was redacted
- The redaction workflow can also be directly selected from a Ricoh MFP display. The results are delivered as a searchable PDF file with all the specified information fully redacted
- Images as well as text can be permanently removed from PDF files through redaction
User Identification & Authentication

Managing authorised access on every level.

What can a business implement to prevent unauthorised system usage and control circulation of sensitive data? How do you control distribution destinations and manage authorised users' access to certain functions or prevent them from changing specific settings?

On every level, control of access is the key to minimising risk. With our systems, Authentication and Administration work together in identifying users to establish and verify access rights and prevent unauthorised usage. Administrators authorise access to system functions to suit appropriate levels of rights, and to restrict users from accessing or tampering with system settings. Authentication is also used to enable functionality such as secure printing and scan to me, as well as enabling tracking and monitoring usage by individual or department.

A choice of options such as passwords, authentication cards or biometric identification methods can be used to permit and manage access for groups or individuals. An organisation's existing IT infrastructure can also be used for authentication management by integrating into LDAP (Lightweight Directory Access Protocol) or AD (Active Directory) and staff entry ID cards, for example, can be used to access devices.
User Authentication

Objective: Identify users to verify permissions to perform certain operations or access specific resources:
- Prevent unauthorised system usage or changing and tampering of machine settings
- Control access of system functions
- Identify users to enable secure printing and distribution control such as scan to me

Risk and Standard control clauses (ISO27002):
1. Unauthorised person accessing the device; unauthorised user of print service, an uncontrolled resource
   - 6.1.4 Authorization process for information processing facilities
   - 15.1.5 Prevention of misuse of information processing facilities
2. Unauthorised distribution of documents
   - E.g. incorrectly assigned owner of scanned document
   - 11.5.2 User identification and authentication
3. Different access levels required to prevent inappropriate viewing/usage

Users identify themselves at an MFP or printer by authentication. This prevents unauthorised access, and allows monitoring and management of device usage by user level.
- Administrators can control access to device functions, for example by only giving a user access to print and not copy, or only allowing copying in black and white
- Authentication also allows secure release printing and customised destinations for particular users, such as scan to me

There are four methods for user authentication: Basic and User Code (verified against local databases), while existing IT infrastructure can be used for authentication by integrating into LDAP (Lightweight Directory Access Protocol) or Active Directory. For increased user friendliness, and also to prevent a PIN/password being observed, users can also use ID cards to authenticate (see Card Authentication).
1. Windows Authentication: Verifies the identity of the user by comparing login credentials (user name and password) against the Active Directory server database.
   - Unlimited user accounts
   - Suits multi-machine usage, organisations with a large user base and hot desking, roaming profiles
2. LDAP Authentication: Validates a user against the LDAP server so only those with a valid user name/password can access the global address book.
   - Unlimited user accounts
   - Suits multi-machine usage, organisations with a large user base and hot desking, roaming profiles
3. Basic Authentication: Verifies a user against the name/password registered locally in the device's Address Book to allow access.
   - Gives 500 user accounts
   - User name & password and alphanumeric fields, usage tracking, export/import data, static network user
   - Administration roles: Access, network, machine, user, file and engineer access prevention
4. User Code Authentication: Utilises the standard User Code system to authenticate the user.
   - The PIN code entered by the user is compared to registered data in the address book and validated before access is permitted
   - A User Code can be assigned according to the desired level of access
   - It enables system administrators to monitor and manage usage, and to generate print counter reports by function and User Code

Both Basic and User Code authentication can be used in Windows and non-Windows office environments.

Other Methods: Integration server authentication
- Integration server authentication is used when there is a need to integrate with a specific authentication system, such as RADIUS server authentication
Card Authentication

Objective: Manage and control user access to printers or MFP functions
- Avoid information leaks by limiting access to email and fax
- Improve security by providing two forms of authentication
- Extend Public Key Infrastructure (PKI) environment

Risk and Standard control clauses (ISO27002):
1. Unauthorised person accessing the device; unauthorised user of print service, an uncontrolled resource
   - 6.1.4 Authorization process for information processing facilities
   - 15.1.5 Prevention of misuse of information processing facilities
2. Unauthorised distribution of documents
   - E.g. incorrectly assigned owner of scanned document
   - 11.5.2 User identification and authentication
3. PIN/password being forgotten or disclosed to an unauthorised person
4. Different access levels required to prevent inappropriate viewing/usage

Use cards for authentication for user convenience, or to improve security by providing two forms of authentication: something a user has (the card), and something they know (the card's PIN).
- User access to an MFP or printer can be permitted by using ID cards
- Documents can be released and printed securely by a swipe of an ID card
- Access to email and fax functions can be controlled, for example by providing predefined destinations according to the status of the individual, to prevent misuse/leakage of information
- Authorised access can be further controlled by setting scan to sender details as the ID card owner, to prevent spoofing of the sender
- An organisation's existing log-on and entrance access card infrastructure can be utilised for simpler IT management and easier user access
- The access log and job log function on our Device Monitoring & Management tools allows tracking of exactly who, where and when any confidential information is sent
- Use Public Key Infrastructure (PKI) to improve security. There is an opportunity to extend PKI by digitally signing documents during scanning, using card authentication
Administrator Authentication

Objective: Control the permission level granted to each user to prevent unauthorised usage of stored information
- Provide authorisation rights and authentication management for administrators
- Identify and delegate management tasks to the administrators based on their username and password
- Reduce the workload put on any single administrator

Risks and Standard control clauses (ISO27002):
- 6.1.4 Authorization process for information processing facilities
- 15.1.5 Prevention of misuse of information processing facilities
- Excessive privileges given to any one administrator

Up to four administrators can share management of system settings and user access to devices, for separation of duty if required. A separate Supervisor role allows setting/changing of administrator passwords.
- By sharing the administrative work among different administrators, MFP management workload and responsibilities can be spread evenly and according to areas of expertise
- This provides enhanced security, as no one administrator is assigned excessive privileges
If Administrator Authentication is enabled, the four types of Administrator privileges are built into the machine. These roles can be combined to suit an organisation's requirements:
- Machine Administrator: Can configure machine settings
- Network Administrator: Network settings such as IP address and SNMP server can only be specified or changed by the Network Administrator
- File Administrator: Manages access permissions to stored files. The File Administrator can set restrictions based on passwords that allow only registered and permitted users to view and edit files stored in the document server
- User Administrator: Manages user accounts in the address book. If a user forgets their password, the User Administrator can delete it and create a new one
- Supervisor: Can delete any administrator password and specify a new one. The Supervisor cannot configure machine settings or use functions

Document Management & Electronic Storage:
- Central repository secured with integrated Role-Based Access Control (RBAC)
- Assignment of individual rights, profiles and roles
- Assignment of roles to groups
- Easy user and group administration and authentication; integration and synchronisation of users/groups in external Directory Services, with support for LDAP and Active Directory Services
- Browser-based access can be restricted to read-only access
User Access Control

Objective: Document owners can control access to their files stored on the document server
- Documents stored within the printer/MFP's document server can be accessed by PC users on the network

Risks and Standard control clauses (ISO27002):
- Prohibiting unauthorised document circulation

Password-Protected Files: The document owner can provide access to files stored on the document server.
- Files can be password protected, restricting user access. Passwords of four to eight digits can be set

Specify User Access Level: Four types are available
1. Read only: User can print and send stored files
2. Edit: In addition to the above, user can change print settings for stored files
3. Edit/Delete: Also gives the user the ability to delete stored files
4. Full Control: Users can utilise all aspects and control other users' access permissions

Enhanced Password Protection: Should anyone attempt to break the password-protected code, access is automatically locked by this feature.
Systems Configuration & Devices

Helping keep data and devices secure.

How can you safeguard confidential information processed and stored on MFPs and printers? Are your systems and devices able to withstand potential attacks?

Providing a secure environment for the processing of information is a prime driver in the development of our products and their operating systems. That's why you'll find that our latest devices come equipped to protect printed and electronic data against opportunistic or targeted threats. In fact, globally, a number of our devices have achieved the Common Criteria certification which conforms to IEEE 2600.1. The latter is an international standard that defines requirement specifications for office use as well as government, where a higher security level is required.

In today's digital age, devices such as printers and MFPs throughout the industry can store latent images of processing data. There is also address data, and documents intentionally stored on the Hard Disk Drive for printing on demand. This can open up an area of considerable concern, especially when devices eventually leave your site. The protection offered on our devices includes encryption to make intercepted data indecipherable, and the ability to overwrite data to prevent it falling into the wrong hands. RAM-based security can provide an alternative to the Hard Disk Drive for some customers. We also offer services to ensure no information remains on a device at the end of its life.
Secure Printing

Objective: Maintain confidentiality by suspending document printing until the authorised user authenticates
- Protect data whilst being processed

- Hard copy documents left in output trays, where anyone passing by could browse through or remove them
- Urgency placed on the user to immediately retrieve a sensitive document
- Print data captured whilst in transit

Falls under the following Standard control clauses (ISO27002):
- 10.7.1 Management of removable media
- 10.8.1 Information exchange policies and procedures
- 11.3.3 Clear desk and clear screen policy

Maintain confidentiality by releasing a print only when the document owner authenticates at the device. Authentication methods range from a simple PIN to user name and password or an ID card, even using existing entrance access card infrastructure.

In-built device security requires that the authorised user authenticates by entering a password or PIN (Personal Identification Number) at the device control panel.
- Available through Ricoh's advanced print drivers (requires a hard drive, which may be optional, depending on model)
- Print jobs can be deleted from the server if not collected by a certain time
- The password used for locked printing can be encrypted to protect against wiretapping

For further security and added user convenience, we offer a number of solutions that permit single sign-on with existing IT infrastructure, or the ability to unlock prints by swiping an entrance access card, for seamless IT management.

To protect data during processing, the device functions run as independent processes, with specific memory space allocated separately for each module. This makes it impossible to directly access the memory space of any other module.
- For example, incoming fax data will only be sent to those applications designated for fax operations; this arrangement prevents illegal access to networks and internal programs from an outside line
- Only unique Ricoh protocols are used for the exchange of data internally within applications; this prevents illegal access to any program or data
- Data is encrypted while in transit
- Data is encrypted while waiting for printing
Hard Disk Drive Security

Objective: Safeguard confidential information by providing effective management of data processed by and stored on MFPs and printers

- Hard Disk Drives are essential for the production process and efficient operation. However, they can store a latent image of processing data, as well as address data and documents intentionally stored for printing on demand. Without effective management, they can present a possible weakness
- Unauthorised alteration/deletion of software, hardware and other digital resources, such as downloadable fonts and images, email/fax addresses

We help safeguard your confidential information in a variety of ways. Data Overwrite Security System (DOSS) protects your latent information and works together with encryption, because data that is not overwritten, such as intentionally stored documents and address books, also needs to be protected.

- Data Overwrite Security System (DOSS) is supplied as standard on the latest Ricoh MFPs (and as an option on printers)
- It allows you to secure the hard drive and make all confidential data unrecoverable by overwriting latent digital images after all copy, scan and print jobs
- Overwrites with random sequences of ones and noughts can be set to occur from 1-9 times
- The random data overwrite process makes any effort to access and reconstruct print/copy files virtually impossible, preventing information from falling into the wrong hands
- A simple display panel icon provides visual feedback on the status of the overwrite process
Data Overwrite Security System (DOSS) provides two methods for overwriting the data: Event Driven and Overwrite All
- Event Driven destroys copy, print and scan data immediately after every job is processed (if a job comes in while the system is overwriting the previous one, it automatically halts until the job is completed)
- Overwrite All overwrites the device's entire hard drive, including stored documents (including setting information, e-mail/fax address book information, counter information, etc.); recommended if relocating or discarding a machine

Select DOSS versions have ISO 15408 certification conforming to the IEEE 2600.1 standard. This ISO is an international standard for information security that provides verification of IT security features.

Data Encryption: Operates in conjunction with our Data Overwrite Security System, providing a multi-layered approach to securing sensitive documents.

Encrypt Valuable Information: Encrypts data, such as frequently used documents stored for print on demand, for secure semi-permanent storage, so information would be inaccessible if the Hard Disk Drive got into the wrong hands. Available with new devices or as an option on older devices.
- Frequently used information such as address books and administrator or user passwords can also be encrypted. This eliminates the danger of a company's employees, customers or vendors being targets for malicious e-mails or PC virus contamination. It also protects user names/passwords used elsewhere on the network, increasing network security
- This helps keep data typically stored on an MFP or printer from being viewed, even if data/devices are removed or stolen. Locks data to prevent recovery
- Encrypts device information rather than destroying it; allows only authorised users access
Security Certification

At Ricoh, we have always taken a consistent and global approach to securing information for our customers. Our thought-leadership is clearly demonstrated right from the earliest stages of our hardware and software design for our multifunctional products (MFPs) and printers. In fact, in 2002, we were the first to receive ISO/IEC 15408 Common Criteria certification for a digital MFP device. Then in March 2010, we became the world's first to obtain Common Criteria certification conforming to IEEE 2600.1 for MFPs for the Japan market. This certification is an international standard for IT security products for office use as well as government, where an even higher level of security is required. Now our latest devices for Europe, Middle East and Africa (EMEA) have also achieved this certification. This relates to our MFP products, Aficio MP2851/3351/4001/5001. Ricoh will continue to obtain Common Criteria certification conforming to IEEE 2600.1 for its MFPs and printers, and will pioneer in the development of new security features to help protect printed and electronic data against opportunistic or targeted threats.

Security matters

As potential attacks on your information capital increase in sophistication, securing your data environment is even more vital. Given the importance of this, governing bodies such as the IEEE, the world's leading professional association for the advancement of technology, are working to implement security guidelines and product standards to help govern the features of printing devices. Ricoh has a lead role in the IEEE working group which analyses the latest security vulnerabilities and prepares methods to combat them. To date, the group has created the security standard P2600, an international benchmark for the security of MFPs and systems. This helps organisations configure their devices to optimise security specifically for the environment in which they are operating.

Common Criteria (CC) is an international standard for information security. As an international standard, the CC ensures that the security functions are implemented properly and are usable. The Common Criteria certification demonstrates that Ricoh has secure environments (processes from development, manufacturing, delivery and installation) as a manufacturer that can provide CC-certified products. The CC certification evaluates whether or not security functions work properly under certain conditions. However, the IEEE 2600 includes a document Protection Profile; IEEE specifies the security functions and requirements, which are subject to evaluation according to the CC.
Security Features

Objective: Support key security features whilst simplifying all aspects of installation, monitoring and management of Ricoh networked output systems

Restrict User Access: Allows system administrators to control user privileges through the user management tool
- It activates a menu for review of the devices authorised for use by User Code and User Name
- A simple click accesses a menu that restricts or enables access for individual users

Change Community Name: To address SNMP (Simple Network Management Protocol) vulnerability, the system administrator can change the Community Name from Public to another, more secure name
- If utilised, the Community Name for the software must have the identical name as the connected Ricoh output device
- Support of SNMPv3, which encrypts the community name for improved security
Helping keep intruders out.

Could hackers and other malicious parties gain wireless access to your devices? Could data streams and passwords be intercepted? Have your unused network ports been left open and vulnerable?

As potential attacks on your information capital increase in sophistication, securing your data environment is even more vital. That's why our devices have a range of security specifications that address vulnerabilities in wired and wireless communications. For example, encryption features work to help prevent hackers and other unauthorised parties from gaining access, by ensuring data is made indecipherable if intercepted. Authorised connections to a device can also be restricted by range of IP addresses via IP filtering. Additionally, our systems permit the administrator to disable all ports that are not being used. This, in tandem with our other security solutions, works to prevent the theft of passwords or user names and other outside threats, including destruction and falsification of data.

We continuously evaluate all our products during development. We also check for known vulnerability issues as reported by Internet security organisations such as the CERT Coordination Center. Whenever any such issues are found, we provide appropriate countermeasures.
Wireless Access Security

Objective: Block intruders from tapping into wireless networks

- Interception of data streams and passwords, or use of the wireless connection to a device as an entry point into a data network

WPA Support (Wi-Fi Protected Access): Used in conjunction with the IEEE 802.11a/b/g Wireless LAN option, this is a security specification that addresses vulnerabilities in wireless communications
- It provides a high level of assurance that data will remain protected by allowing only authorised users access, and its encryption features block intruders with wirelessly enabled laptops from tapping into wireless networks
- It prevents the interception of data streams and passwords, and the use of the wireless connection as an entry point into the customer data network

802.1X Wired Authentication provides network-port based authentication for point-to-point communication between network devices and a LAN port; communication will terminate if the authentication fails.
Physically Secure Ports

Objective: Prevent unauthorised network access

- Network-enabled systems are shipped to customers with all network ports open to make them easy to install. However, open, unused network ports pose a security risk of access by an unauthorised outsider via, for example, a wireless connection

- The system administrator can enable/disable IP ports to control the different network services provided by the print controller to an individual user
- To provide enhanced network security, specific protocols such as SNMP or FTP can be disabled using Web Image Monitor or Smart Device Monitor
- Eliminate outside threats, including destruction/falsification of stored data, Denial of Service (DoS) attacks and viruses entering the network via an unused printer or MFP port
- This also prevents theft of user names and passwords
- Ports can be enabled or disabled individually, or protocols/ports can be closed automatically based on the network security levels set
Control IP Address Access

Objective: IP filtering: authorised connections to the device can be restricted to ranges of IP addresses

- Network is accessed by an unauthorised outsider, for example via a wireless connection

IP (Internet Protocol) Address Filtering: Control access to the device by restricting access to specified IP address ranges.
- Up to five sets of ranges can be entered
- Additionally, it helps balance output volumes among multiple devices and enhances network security by limiting access to files stored in devices
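The range-based filtering described above, as an added example that is not Ricoh's code or configuration format: a Python model of an allowlist limited to five inclusive address ranges, evaluated against constructed connection attempts. The "start-end" range syntax, the class and function names, and the sample addresses are assumptions made for illustration.

```python
import ipaddress

MAX_RANGES = 5  # the brochure states that up to five sets of ranges can be entered


def parse_range(text):
    """Parse 'start-end' (or one address) into an inclusive (low, high) pair.

    The 'start-end' syntax is an assumption made for this example.
    """
    start, _, end = text.partition("-")
    low = ipaddress.ip_address(start.strip())
    high = ipaddress.ip_address(end.strip()) if end.strip() else low
    if low.version != high.version:
        raise ValueError(f"mixed IPv4/IPv6 range: {text!r}")
    if low > high:
        raise ValueError(f"range start is above range end: {text!r}")
    return low, high


class RangeAllowlist:
    """Hypothetical model of a device-side IP filter with a fixed number of slots."""

    def __init__(self, range_texts):
        if len(range_texts) > MAX_RANGES:
            raise ValueError(f"at most {MAX_RANGES} ranges can be configured")
        self.ranges = [parse_range(t) for t in range_texts]

    def permits(self, source):
        """Return True only if source parses and falls inside a configured range."""
        try:
            addr = ipaddress.ip_address(source)
        except ValueError:
            return False  # fail closed on anything that is not an address
        return any(
            low.version == addr.version and low <= addr <= high
            for low, high in self.ranges
        )

    def address_count(self):
        """Addresses admitted, summed per range; a large value signals a broad filter."""
        return sum(int(high) - int(low) + 1 for low, high in self.ranges)

    def as_cidr(self):
        """CIDR blocks covering each range, for mirroring the policy on a firewall."""
        blocks = []
        for low, high in self.ranges:
            blocks.extend(str(n) for n in ipaddress.summarize_address_range(low, high))
        return blocks


def denied_sources(allowlist, attempts):
    """Return the (source, service) attempts the allowlist would reject."""
    return [(src, svc) for src, svc in attempts if not allowlist.permits(src)]


# Constructed sample policy and connection attempts (not taken from any device).
SAMPLE_RANGES = ["10.20.0.0-10.20.0.255", "10.20.5.10-10.20.5.20", "192.0.2.15"]
SAMPLE_ATTEMPTS = [
    ("10.20.0.44", "ipp"),
    ("10.20.5.20", "ipp"),       # last address of a range: inclusive, so allowed
    ("10.20.5.21", "http"),      # one past the end of the range
    ("192.0.2.15", "snmp"),
    ("203.0.113.9", "ftp"),
    ("not-an-address", "http"),  # malformed input is rejected, not skipped
]

if __name__ == "__main__":
    acl = RangeAllowlist(SAMPLE_RANGES)
    print("admitted addresses:", acl.address_count())
    print("equivalent CIDR blocks:", acl.as_cidr())
    for src, svc in denied_sources(acl, SAMPLE_ATTEMPTS):
        print(f"DENY {svc} from {src}")
```

Keeping the ranges as narrow as the print clients require, and comparing the CIDR output with the upstream firewall rules, shows whether the device filter and the network policy agree.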
Secure Network Data: Communication Protocols

Objective: Encrypt print data through SSL (Secure Sockets Layer) technology via IPP (Internet Printing Protocol) to make intercepted data indecipherable

Vulnerability: Interception of data, or tapping of machine settings, using communication between PC and output device

Depending on the document data or the communication methods used for it, the protocols for protection will differ. We offer a range of solutions:

Data Encryption via IPP: An effective way to achieve data security
- Print data communicated between a network PC and MFP can be encrypted using SSL technology via IPP, which secures data between workstations and network printers/MFPs. This stops any attempt to tap print data; intercepted data is indecipherable
- The latest Ricoh devices use a longer key length on the SSL certificate for a secure encryption level: 1024/2048 bit SHA1 for the SSL certificate as standard
- By increasing key length, even if data is stolen, it is hard to analyse
- Additional functionality disables SSL-V2 and SSL with an encryption key length of less than 128 bit

IPsec Communication (PC-Device Communication): A suite of protocols designed to secure IP communications via authentication and encryption of each IP packet in a data stream
- Also includes protocols for cryptographic key establishment
- Prevents documents being viewed from the internal data carrier by unauthorised people, and any outsider being able to connect to the MFP from outside the network

S/MIME for scan to email: Attaches a digital signature and encrypts message contents when scanning and sending by email, for data protection against wiretapping
- S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of email encapsulated in MIME
- It is an Internet Standard that extends the format of e-mail to support text in character sets other than US-ASCII, non-text attachments, multi-part message bodies and header information in non-ASCII character sets
Network Protocol

Objective: Provide strong security for users' passwords

- Many internet protocols do not provide any password security
- Hackers employ programs called sniffers to extract passwords to access networks
- Sending an unencrypted password over a network is risky and can open it to attack

- Many Ricoh devices support Kerberos authentication
- Kerberos authentication helps limit risks caused by unencrypted passwords and keeps networks more secure
Objective: Ensuring that device management is carried out in a secure environment using SNMP

- Unauthorised users seeing the password and/or device information

SNMP v3 Encrypted Communication: A network management standard widely used in TCP/IP environments
- Provides a method of managing network hosts such as printers, scanners, workstation or server computers
- Groups bridges and hubs together into a community from a centrally-located computer running network management software
- Allows administrators, for example, to change device settings from a networked PC with encrypted communications to maintain a secure environment
- Also offers user authentication and data encryption that delivers greater security features to protect customer data and network assets
- Prevents unauthorised users from seeing either the password and/or device information
- Uses SSL to communicate with devices
Helping you keep track and in control.

Are your networked devices being used inefficiently or without permission? Do you need to ensure that printed documents are identifiable or can be attributed? Do you require accurate and comprehensive tracking for proof of compliance?

We offer a range of tools that help track, monitor and manage device activity. This brings considerable benefits, as monitoring provides transparency of use for more effective security of printers and MFPs, as well as enhanced cost control and proof of compliance.

Security-related events such as authentication attempts and setting changes are logged to provide audit trails. A complete listing of every job executed by the device is stored in the memory. When used together with external authentication modes, it can show which device was used and by whom in tracing unauthorised transmission attempts. Customised reporting can provide easy tracking of output print, copy and fax activities by device, individual project or workgroup.

In short, our tools offer better visibility and control of user access, as well as accurate and comprehensive tracking for proof of compliance, and provide access logs by users for audit purposes.
Device Log Management

Objective: Audit All Device Activity
- Enable better control of user access and tracking of print, copy and fax activities
- Convenient customised reporting with easy tracking of all document output by user, project or even workgroup (when used with authentication)
- Accurate and comprehensive tracking for proof of compliance, and access to the job log by users for audit purposes

- Networked devices used inefficiently or without permission
- Printed documents cannot be identified or attributed (Fundamental ISO27001 clause 4.3.2 Control of documents)
- 7.2.2 Information labelling and handling

Monitoring & Recording via protected logs:
- Access logs of registered devices and configure which devices to collect logs from
- A complete listing of every job executed by the device is stored in the memory; this enables accurate control of user access and tracking of copy and print information
- Monitor printing/scanning of a document/receipt of fax
- When used in conjunction with user authentication modes, allows tracking of device usage by job, user, project or even workgroup. Also enables determination of which specific users may be abusing a device
- Shows which device was used and by whom in tracing unauthorised transmission
- Gives accurate and comprehensive tracking for proof of compliance, and access to the job log by users for audit purposes
- Enables quotas and policies to be created for enhanced management of printers and MFPs, for more effective security and greater cost control and sustainability
Record Security-Related Events

Objective: Monitor and record, via protected logs, any security-relevant events that occur within the MFP or printer

- Undetected attempts at authenticating or changes made to security settings

Examples of these types of events might include: successful and unsuccessful authentication attempts, changes in security-relevant settings on the device, or changes in the content or state of the device's internal security or accounting logs.

Job/Access Logs: examples of events/data logged
- Login
- Logout
- Deletion of stored documents
- Log settings changed
- Log data transfer results
- lock-out
- Firmware update performed
- Change to Time/Date settings
- password changed
- Change made to Address Book contents

The log data is encrypted before being saved to the Hard Disk Drive (HDD), which prevents any illegal acquisition or alteration of the data through unauthorised access to the HDD. In addition, the encrypted data is sent to the monitoring tool over an SSL connection.

The MFP or printer does not allow any changes to be made to the log data itself, i.e. the data can only be transferred to the monitoring tool in an unaltered, encrypted state. Therefore, the data cannot be overwritten or modified in any way, even by those with Administrator-level access rights.
Ricoh goes further than encouraging businesses to acquire secure devices; it also helps them to carefully examine their actual use. It does this by introducing security solutions whilst securing workflows that adhere to existing company policies, or by introducing new rules to create a secure document environment protecting against both internal and external threats. This not only reduces the risk of potential security breaches but also maintains trust in your brand.

IEEE2600.1 IT Security

Within Ricoh, we treat Information Security as just part of how we do things. As evidence of our commitment, we are prominent in the international working party for IEEE2600, which is the functional security standard for print devices. In 2002, Ricoh were the first to receive ISO/IEC 15408 certification for a digital MFP device. Then in March 2010, we became the world's first to obtain Common Criteria certification conforming to IEEE 2600.1 for MFPs for the Japan market. This certification is an international standard for IT security products for office use as well as government, where an even higher level of security is required. Now our latest devices for the Europe, Middle East and Africa (EMEA) market have also achieved this certification. This relates to our MFP products, Aficio MP2851/3351/4001/5001. This is in addition to certification for a number of our Data Overwrite Security System options. Also certified: tool: Remote Communication Gate A (technology behind @Remote Office) achieved Common Criteria Version 3.1, EAL3 certification in Feb 2011. Ricoh will continue to obtain Common Criteria certification conforming to IEEE 2600.1 for its MFPs, printers and solutions, and will pioneer in the development of new security features to help protect printed and electronic data against opportunistic or targeted threats.

Device development & on-going monitoring for vulnerabilities

We continuously evaluate all our products during development. We also check for known vulnerability issues as reported by Internet security organisations such as the CERT Coordination Center. Whenever any such issues are found, we provide appropriate countermeasures.

Best Practice: Our own Information Security

We have always taken a consistent and global approach to securing information for ourselves as well as for our customers. In 2004, we gained ISO 27001 worldwide certification for Information Security management for our head office and manufacturing sites (which, over the following years, was extended to all our individual sites). This standard covers all aspects of information security, and Ricoh is unique in having its information security system certified to the standard across all sites.
AD - Active Directory
CC - Common Criteria (equivalent to ISO/IEC 15408): is an international standard for information security. The CC certification evaluates whether or not security functions properly work under certain conditions
DOSS - Data Overwrite Security System
HDD - Hard Disk Drive
IEEE 2600: specifies the security functions and requirements (document Protection Profile) which are subject to evaluation according to the CC security standard
IP - Internet Protocol
IPP - Internet Printing Protocol
IPsec - Internet Protocol Security: is a protocol suite for securing Internet Protocol (IP) communications
ISMS - Information Security Management System
Kerberos authentication: computer network authentication protocol
LDAP - Lightweight Directory Access Protocol
MFP - Multifunction Product
OCR - Optical Character Recognition
PKI - Public Key Infrastructure: is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates
RADIUS - Remote Dial In User Service: is a networking protocol
RBAC - Role-Based Access Control
SMTP - Simple Mail Transfer Protocol: is an Internet standard for e-mail transmission across Internet Protocol (IP) networks
SSL - Secure Sockets Layer: is a cryptographic protocol that provides communication security over the Internet
S/MIME - Secure/Multipurpose Internet Mail Extensions: is a standard for public key encryption and signing of email encapsulated in MIME
SNMP - Simple Network Management Protocol: is an Internet-standard protocol for managing devices on IP networks
TCP - Transmission Control Protocol: is one of the core protocols of the Internet Protocol Suite. TCP is one of the two original components of the suite, complementing the Internet Protocol (IP), and therefore the entire suite is referred to as TCP/IP
WPA - Wi-Fi Protected Access
Security In Action

Ricoh European Headquarters: Triton Street
Ricoh has used its own workflow solutions to safeguard its information and ensure security compliance within its new open plan office in London.

Iberdrola
Iberdrola, a Fortune 500 company, is a world leader in wind energy and one of Europe's leading energy suppliers. Iberdrola needed a reliable and effective Managed Document Solution that would grant them control of costs, safeguard information security and give the ability to control their print environment.
Ricoh_SecureCombination_Overview_v1.0 October 2011. Copyright 2011 Ricoh Europe PLC. All rights reserved. This brochure, its contents and/or layout may not be modified and/or adapted, copied in part or in whole and/or incorporated into another works without the prior permission of Ricoh Europe PLC. www.ricoh-europe.com