Nine Oce Printers Certified for Security Compliance
Press release from the issuing company
BOCA RATON, Fla., March 15 -- Oce, a global leader in digital document management and delivery solutions, announced that nine popular Oce multifunction systems have received Common Criteria Certification, an independent verification program to help users make more confident decisions in selecting IT resources that meet established security requirements. The Oce VarioPrint(TM) 2045/2055/2065, Oce VarioPrint 2050/2060/2070, and Oce 3145, Oce 3155 and Oce 3165 models recently received the certification at the EAL+2 assurance level, which verifies the devices have satisfied rigorous security testing, evaluation and assessment for secure document access and storage, network connectivity, and management.
The increased need for security touches most industries today, including healthcare, financial, legal and government. Many government and defense agencies require that IT products used in those environments hold Common Criteria Certification. In addition, many companies face strict compliance with HIPAA, Sarbanes-Oxley, and other privacy and accounting regulations. Security worries include the threat of theft of personal data and intellectual property, network abuse, outside penetration, virus or worm attacks, and legal liabilities resulting from security breaches.
To assure that customers maintain the security and integrity of their digital information assets and workflow, Oce has invested heavily in system security. The Oce strategy focuses on secure network connectivity, document access, and document storage. The recent Common Criteria Certification provides independent validation that Oce has addressed these security issues through its controller technology.
"Public and private customers demand secure devices on their IT networks. Oce has engineered a robust solution, which has now been recognized as meeting or exceeding the industry standard for security," said Mal Baboyian, President of Oce Digital Document Systems.
The US is represented within the Common Criteria Project by the National Information Assurance Partnership (NIAP), a joint National Institute of Standards and Technology (NIST) and National Security Agency (NSA) project.
Exclusive Features Further Boost Security
To further boost security, the certification covers a number of features unique to Oce. These include secure printing, e-shredding, management functions, an IP network filter, and an integrity guard. All the functions are managed by a password-protected web interface, which allows further customization. All certified Oce systems are factory delivered at the highest security level under the CCC scheme.
Secure Printing and Document Access
In the face of stricter privacy regulation and the growing risk of identity theft and other threats, it is more important than ever that companies maintain the integrity of printed information. Oce helps ensure this through secure printing to block unauthorized printing of specific jobs. While other vendors may offer secure printing, only Oce has had this feature certified. Documents can also be kept private by adding a pin code to a print job, while user accounts can be set up to prevent unauthorized device or mailbox access. Scans are automatically exported to a password-protected scan server. Tracking and accounting are supported, while external card reader authorization and control systems are also available.
Secure Document Disposal and Storage
Security breaches can occur when documents are not disposed of properly. Oce certified devices offer automatic mailbox clean up to prevent documents from being stored too long, while e-shredding prevents recovery of previously printed documents. This unique patent pending data-overwrite shredding technology minimizes the 'window of opportunity' to the time taken to print a document. Data is automatically erased from the hard drive immediately after documents are printed, prohibiting recovery using publicly available data recovery software. A lengthy additional overwrite is performed as a background task to prevent loss of productivity. This e-shredding function conforms to the US Department of Defense DOD 5220.22-M Directive and can be fully customized. For additional security, a removable hard drive can be used to physically lock away and protect confidential document information.
Secure Network Connectivity
A built-in IP network firewall provides protection against worms and viruses, and an integrity test and repair function provides a second line of defense against those threats. The filter blocks unwanted network traffic to and from the controller, and any specific network service that is not required can be switched off easily. The IP network filter will automatically reconfigure after network settings are changed and automatically blocks unused ports to prevent abuse, while providing feedback about which ports are enabled. Access to individual network services can be protected using a client filter, for instance, to prevent circumvention of the print server or to grant access solely to the print server. As a second defense behind the firewall, a controller guard checks the integrity of the controller's software and, if necessary, makes repairs automatically.
The Oce 3145 and Oce VarioPrint 2050 are not available in the United States.