That copier hard drive: Your weakest link
March 23, 2010 by Steve HannafordPosted in: In this week's e-newsletter, Latest News & Views, Security
You’ve given your servers the best security available. You’ve protected the networked PCs against viruses. You’ve protected your e-mail system. But for most companies, there’s one big inviting target that you may not even know exists.
Hard disk drives have been a standard part of midrange to high-level copiers for about five years. They have various uses, including saving frequently printed forms and guides, storing digitized incoming faxes, and securing print jobs until you actually get to the machine and identify yourself with a password or biometric.
But the main function is that they make a temporary save of incoming prints and copies before putting toner on paper.
It used to be that a hard disk drive was an expensive add-on. More and more, it’s becoming standard equipment, especially on the faster copier-multifunctionals. And there are tools for protecting that data. First there are so-called “disk scrubbing” utilities that systematically remove any temporary data stored on the disk so that even the smartest cyberthief can’t find a trace of it. Then there are data encryption utilities that allow you to scramble the files that you do store.
But here’s the rub — most copier companies charge you hundreds of dollars extra for those tools. Therefore, they become an afterthought, an added expense that seems like a last-minute sales trick. Here we blame the copier companies — the security tools should be shipped along with any hard disk, not presented as an extra that a non-tech savvy purchasing agent sees no need for.
The reality is many unprotected hard disks are brimming with confidential data, as shown in a recent Toronto Star article.
As one security expert points out, these unprotected copiers are open to outsiders. “Any web-savvy, techno-whiz kid could easily access the hard drive, or send all scans to e-mail or, if they have the password, retrieve copies of confidential documents by simply hooking their laptop up to the copier.”
In fact, the Toronto Star reporter got a demo on how easy it is to target copiers anywhere in the world from the comfort of home. “The activity of photocopiers linked to an unsecure network can be seen and tracked online. With a few clicks of a mouse, and no knowledge of how to hack, we could see the latest activity of a photocopier in Korea, which included copies of invoices and employee expenses.”
DocuCrunch.com delivers the latest IT and Imaging news once a week to the inboxes of over 200,000 IT and Imaging professionals.
Click here to sign up and start your FREE subscription to DocuCrunch!
Tags: copiers, hard drives
Loading ...
April 21st, 2010 at 8:54 pm
I understand the concerns over security and I think this is an important issue that we have been trying to tell people about for years that has come to light. But like all security issues there are a number of actions you can take to secure against hard drive and other data theft. I have made this post on my blog which I think would be useful to concerned readers and explains how to secure your photocopier
http://onlineconnect.wordpress.com/2010/04/21/security-threat-of-digital-photocopiers-worse-than-cbs-reported/
May 11th, 2010 at 6:00 am
[...] covered it before, but the tale of the all-too-vulnerable copier hard drive keeps coming up, this time in a recent [...]
May 18th, 2010 at 11:26 am
[...] (MFPs) have had a big buzz lately, and we’ve followed suit on this site (see here and here). But are those security problems really the companies’ [...]
May 18th, 2010 at 12:48 pm
We have found this to be the big buzz in data security. We have been on this for over 2 years trying to get IT departments to recognize the security breach but have been given the cold shoulder until now. We are sought out by major corporations that need this security breached addressed.
Here at Copierharddrivesecurity.com we have 4 solutions for every business. Its not cheap but 100% effective. If you or someone you know is looking for a solution, give them our # or our website address. We are a subsidiary of Progressive Copier Systems Inc. out of San Diego California. Progressive is BBB Accredited and has an A+ Rating. We can be reached at 619-593-1000 or at http://www.copierharddrivesecurity.com
Prices per machine are around $500 to $700 and we give discounts for multiple machines.
May 18th, 2010 at 1:31 pm
I know there is a lot of finger pointing at who is to blame and who’s responsibility it is to scrub or replace the hard drives. The bottom line is everyone involved.
It is the responsibility of the manufacturer to make the reseller and the buyer aware of the hard drive and offer security (Just like the hard drive manufactures do). It is the resellers responsibility to offer scrubbing and replacement solutions(Just like computer resellers do). But ultimately it is the end user that is placing the data on the drive that is responsible for the content on the drive as well as removing the content off the drive prior to it being returned at the end of lease or traded-in.
Call on copierharddrivesecurity.com to get you through this and provide you with documentation that you and your company have acted responsibly. You can also call 619-593-1000 or visit progressivecopiersystems.com