Document Security and your Copier:
On April 19th, CBS Evening News ran a clip entitled Personal Information on the Copy Machine that has generated plenty of phone calls and emails from concerned IT professionals looking to safeguard their data. We felt that it would be helpful to share this information with all of our clients so that you are better informed about document security and how it relates to your office equipment.
We will first urge you to read the script or watch the video we have provided a link to above. This certainly presents the worst case scenario and does utilize scare tactics but the issue is based on what CAN happen in the real world.
It is important to note that it is true that every copier with a hard drive out there in some way buffers data being copied, scanned or printed to the hard drive. This is also true for a growing number of higher end printers. Most copiers sold today have hard drives with the exception being smaller office store purchased machines or little desktop models. While these hard drives do TEMPORARILY store data on them, it is DELETED as soon as the print job is completed, the set of copies are made or the scan gets to its destination. The only exception to this is the use of the Document Server feature which holds scanned data on your hard drive like an electronic file cabinet. This is to be used for frequently needed documents to make printing them out much easier. You can see any documents stored by simply pressing the Document Server button and reviewing the list of documents you have stored. They can easily be deleted by the user when no longer needed.
In the news story, they acquire several copiers that have been returned at end of lease on the used market. They then remove the hard drives and attach them to a FORENSICS PROGRAM to extract the data on the drives. We want to make certain that you understand this is not the same as just removing the drive from the copier and plugging it into your computer. The forensics program is a tool used to recover deleted data from hard drives or recover data from damaged hard drives. When a file is deleted, only the record of where it was stored is actually removed and the true data still resides on the drive until it is written over. This works the same on ALL hard drives whether they are in your copier, your PC or the server under lock and key.
What can be done about this? Ask yourself, how do you currently dispose of your computers with hard drives? You should ask yourself this question as whatever level you are comfortable with on your computers is exactly what you should do with all hard drives under your control. There are several solutions out there and it is likely that after you read this you will make changes to how you dispose of all of your hard drives in the future, regardless of what they reside in.
If you really paid attention to the article, you would notice that the guy exposing this sells a software program to make these problems go away. He offers, as well do others, software to overwrite an entire hard drive multiple times with binary gibberish to eliminate any left over data on the drive. A good solution but it involves the removal of the drive at end of product life and several hours for the data to be completely sanitized.
We perform a format of all hard drives as the machine is picked up for return to the lease company or at the end of rental and also perform this when we acquire a used machine. While this is not perfect as it does not get rid of the erased image on the drive, it is sufficient to stop the casual intruder. This is the same as reformatting the hard drives on your PC to get rid of data before disposing of them.
Removal and destruction is a choice but a functional drive must be in the copier when returned. If you are simply sending it off to the scrap yard why not “go Office Space”? From the movie Office Space the final demise of the printer involved a baseball bat and a crowbar. The drive still needs to be destroyed further as mentioned in this excellent article on end of life data security on hard drives. Drive manufacturer Seagate has also provided good hard drive end of life security procedures.
Ricoh does offer several ideal solutions that were originally developed for the Dept. of Defense and NSA called the Data Overwrite Security System or DOSS as well as a hard drive encryption option. The DOSS optional feature performs the overwriting of the deleted data immediately after deletion so your machine never has any data to be recovered. This is the best of everything as it performs this on the fly, not just at end of product life like all the other methods. Even if your machine is stolen in the middle of the night you know that it left your building with no recoverable data on the drives.
The second security offering from Ricoh is the hard drive encryption feature. The Hard Drive Encryption Option provides security for information that needs to be stored on the MFP or printer and reused again. Examples of information that may need to be stored for reuse include administrator and user passwords and address books. The Hard Drive Encryption Option differs from DOSS in that the information encrypted is not destroyed, but locked up so only authorized users may access the information. DOSS destroys data so it cannot be reused. The Hard Drive Encryption Option and DOSS may be used in conjunction with each other.
With all of these different data protection methods comes a different level of protection and cost. In order from least to most are:
- Reformat hard drive (free)
- Remove hard drive for data overwrite or replacement (~$350)
- Remove hard drive for replacement and old one sent for certified destruction (~$400)
- Equip machine with Ricoh DOSS or hard drive encryption (~$500 ea.)
- Complete Security for your data (Priceless)
Ricoh does have several partnerships with companies that will perform complete copier demanufacture, recycling and hard drive destruction. The cost for these services varies by weight and where the product needs to be shipped but typically falls somewhere in the middle of the list above.
The good news is that any one of these options is orders of magnitude less than the cost of non compliance with Sarbanes-Oxley, HIPAA, Gramm-Leach-Bliley Act, or the bad press your company will receive for such a security breach. By being aware of these issues, we hope that you will be better informed in the underlying security threat and how best to address it in your organization.
If you have any questions regarding this information or other general document security questions we would appreciate hearing from you. Please call us at Spectrum Business Centers, 1-800-467-4264.
For additional details regarding Ricoh’s security offerings please view this document titled, “Ricoh Aficio Common Security Features Guide.”