The Sharp Security SuitePowerful protection for your information assets

Security Solutions

10321 Security Brochure8.indd 2 04.05.2009 16:27:29 Uhr

THE SHARP SEcuRiTy SuiTE

UnDERStAnDing EvERyDAy SECURity RiSkS

today’s office multifunction systems are fast, versatile and easy

to use. All day, every day, they routinely copy, print, scan and

fax any and every type of document: including the most

confidential ones. Unfortunately, unsecured MFPs can pose a real

security risk.

not only do they store copies of thousands of possibly sensitive

documents on their hard disks, but multifunction systems

can be vulnerable to internal and external network attacks.

What’s more, their advanced features make it easy for sensitive

information to be copied and distributed beyond the boundaries

of the enterprise.

Confidential reports, personal information, customer data,

financial statements, employee records: they all need protecting

from a whole range of different vulnerabilities and threats.

common vulnerabilities

Some of the most common vulnerabilities associated with an

unsecured MFP include:

• Loss of productivity

• Regulatory non-compliance

• Loss of access

• Stolen information

• Lawsuits

• Unauthorised use.

internal threats

As soon as a document has been created it becomes susceptible

to loss or theft. it can be copied from the MFP’s internal hard

disk, for example. Or faxed to a third party. Or simply just taken

from the output tray, perhaps accidentally. And, of course, MFPs

are a convenient tool for getting hard copies of confidential

information wherever it is on the network.

SEcuRiTyRiSKS

Bertl’s Best 2008 Most Secure MFP Range for 5 consecutive years

BLi 2006 Pick of the year MX-FRX1 Data Security kit

10321 Security Brochure8.indd 3 04.05.2009 16:27:40 Uhr

External threats

information contained in stored documents and scan or print

data can be intercepted across Wide Area networks, virtual

Private networks and the internet. it’s even possible for a hacker

to use the MFP to launch a denial of service attack or to plant

a virus. Fax lines and LAn connections can also increase the

potential for data being intercepted by third parties who could

be located anywhere in the world.

Multi-layered security with the Sharp Security Suite

the Sharp Security Suite defends against common vulnerabilities

and internal and external threats alike, by providing multiple

levels of security across fi ve key areas:

MULti-LAyERED

SEcuRiTySOLuTiONS

DAtA SEcuRiTy

nEtWORk SEcuRiTy

ACCESS COntROL SEcuRiTy

DOCUMEnt SEcuRiTy

AUDit tRAiL SEcuRiTy

1

2

3

4

5

10321 Security Brochure8.indd 4 04.05.2009 16:27:46 Uhr

DAtA SECURity

An unsecured MFP poses two main threats to the security of

your data: the information stored on its internal hard disk, and

the ease with which documents can be copied, faxed or

emailed to third parties. the Sharp Security Suite defeats both

types of threat.

Data Security Kit

the optional Data Security kit, which was the industry’s first

Common Criteria certified solution of its type, makes it virtually

impossible to intercept or recover data from the internal hard

drive. the Advanced Encryption Standard algorithm (AES) is

applied to all data as it is written to the hard disk, RAM or Flash

memory.

the Data Security kit also eliminates residual data by overwriting

it up to seven times with a series of random values. For added

convenience, the Data Security kit can be configured to

overwrite data in three ways:

• automatically, when the device is powered up

• automatically, after each print/copy/fax/scan

• manually on-demand.

Document control

the Document Control*1 function of the Data Security kit works

by adding a barely visible data pattern to documents created by

a Sharp MFP equipped with the Data Security kit*2. if someone

attempts to copy or scan one of these documents the job will be

cancelled or a blank page produced and an email alert will be

sent to the administrator.

THE SHARP SEcuRiTy SuiTE

AT A GLANcE

• Encryptsdataasitiswrittentotheharddisk,RAMorFlashmemory

• Securelyerasesresidualdata,preventingitsrecovery

• Preventsunauthorisedscanningandcopyingofdocuments

Embeds copy prevention data onto the document when it is first copied or printed

COPY PROTECTED

JOB IS CANCELLED

Recognises an unauthorisedattempt to make a copy

*1 Requires optional Data Security kit.

*2 Please contact your local Sharp representative for a list of compatible MFPs.

DAtASEcuRiTy KiT

10321 Security Brochure8.indd 5 04.05.2009 16:27:48 Uhr

* Please contact your local Sharp representative for a list of compatible MFPs.

COMMOn CRitERiA

Common Criteria is an international standards evaluation

programme that was introduced to validate the information

Assurance claims of manufacturers through standards such as

iSO 15408, a set of evaluation standards for security products

and systems established by the Common Criteria.

Common Criteria evaluations range from Evaluation Assurance

Level (EAL) 1 to 7 with EAL 1 to 4 being most relevant for

commercial security products.

The world’s first and highest rated MFPs

Sharp was the world’s first MFP manufacturer to achieve

Common Criteria certification and was also the first to receive

EAL4 for a data security kit. Maintaining a lead as the highest

rated company in certified MFP products, Sharp continues to be

regarded as one of the industry’s greatest security innovators.

today, businesses and government agencies around the world

are depending on Sharp to keep their confidential data safe

from unauthorised access.

DOCUMEnt SECURity

Any document that is scanned and then emailed is potentially

vulnerable to accidental or deliberate interception by

unauthorised third parties. So it makes sense to encrypt sensitive

documents before you send them.

Suitable for scanning to e-mail, FtP, Desktop, HDD and USB,

Sharp’s Encrypted PDF function* uses RSA technology to

encrypt the file before it is sent. the user is prompted to create

a password at the time of scanning and the recipient can only

view the file if he or she knows the correct password.

An additional layer of security is provided by the use of Secure

Sockets Layer (SSL), which encrypts all information in the data

stream, protecting documents in the print queue as well as

any information being exchanged between the MFP and the

administrator using the web interface.

AT A GLANcE

• Safeguardsscanneddocumentsfrominterceptionbythirdparties

• Preventsunauthorisedprintingorviewingofconfidentialdocuments

• Encryptsallinformationinthedatastream

MX-FRX1 ver. M.10 MX-FRX7 ver. S.10

MX-FRX2 ver. M.10 MX-FRX8 ver. M.10

MX-FRX3 ver. M.10 MX-FRX9 ver. M.10

MX-FRX5 ver. M.10 AR-FR24 ver. M.10

MX-FRX6 ver. M.10 AR-FR25 ver. M.10

cOMMONcRiTERiA

vALiDAtiOn ENcRyPTED PDF

10321 Security Brochure8.indd 6 04.05.2009 16:27:51 Uhr

THE SHARP SEcuRiTy SuiTE

nEtWORk SECURity

Sharp MFPs are equipped with an intelligent network interface

that provides a secure firewall to each MFP, preventing

unauthorised access to configuration and network settings.

Access can be controlled at three levels:

• iP address filtering - limits access to a select number of

predefined addresses

• MAC address filtering - limits access to specific PCs regardless

of their iP address

• tCP/iP services blocking - blocks specific communications

protocols and gives administrators the ability to close

vulnerable ports and disable the embedded home page of

the device.

Communication to and from the MFP can also be protected

with Secure Sockets Layer (SSL) for secure transmission across

the network, and most devices support SMB, iPv6, iPSec and

SnMPv3. in addition, many recent Sharp MFPs also support

iEEE802.1X, which helps maintain a high level of security by

blocking access from unauthorised devices.

Fax Security

Penetration of the network via an open fax line, and the

subsequent exploitation of an unsecured network interface by a

determined hacker, is often considered a risk. the good news is

that the architecture of Sharp MFPs eliminates the vulnerabilities

that are commonly found in unsecured machines, removing the

possibility of an attacker gaining dial-up access to the internal

systems.

We’ve designed our MFPs in such a way that the fax modem

controller is physically separate from the other controllers and

we’ve also made sure that it can’t run any external code. not

only is the fax system independent of all the other functions

but it will only respond to specific fax transmission protocols,

terminating all others automatically.

AT A GLANcE

• Preventsnetworkattackswithasecurefirewall

• Allowsaccesstoberestrictedtoknowncomputers

• Eliminatestheriskposedbyfaxtelephonelines

SEcuRE FiREWALL

10321 Security Brochure8.indd 7 04.05.2009 16:27:52 Uhr

ACCESS COntROL SECURity

Limiting access to the MFP to known users is a crucial step in

safeguarding your confidential information. the Sharp Security

Suite adds a top-level of security by defending against both

walk-up and network-based access by unauthorised personnel.

Walk-up access to the MFP is controlled by requiring the user to

enter a unique alphanumeric password at the start of every job.

network access is limited to registered users with valid network

accounts, identified by a username/password combination that

is authenticated against an LDAP or Active Directory Server. All

user credentials are transferred using a proven combination

of kerberos, SSL and Digest-MD5 encryption to help avoid

interception.

in addition, the scan-to-email and fax functions can be limited

to pre-approved addresses to prevent documents being sent to

unauthorised recipients.

AUDit tRAiL SECURity

the final step in achieving all-round security for your MFPs is to

keep a record of who uses them.

Sharp MFPs can use an internal job log or third party software

to provide a full audit trail that logs the identity of each user,

the time of use and details of the specific functions that were

performed. in addition, when documents are scanned to

email, the user’s email address is automatically added to the

“from” field and a blind copy sent, if required, to the network

administrator.

JOBLOg

AT A GLANcE

• Defendsagainstwalk-upandnetworkattacks

• Preventsoperationbyunknownorunauthorisedusers

• Preventsscanneddocumentsfrombeingemailedto unknownaddresses

AT A GLANcE

• ProvidesadetailedrecordofwhohasusedtheMFPandwhen

• Logsalloperationsincludingcopying,scanningandemailing

• Recordsdetailsoffilenamesandemaildestinations

AccESSCOntROL

10321 Security Brochure8.indd 8 04.05.2009 16:28:08 Uhr

SHARP PARTNER

PROGRAM

Design and specifications are subject to change without prior notice. All information was correct at time of print. All other company names, product names and logotypes are trademarks or registered trademarks of their respective owners. © Sharp Corporation 2009 Ref. Security Suite_April09. All trademarks acknowledged. E&OE.

Sharp Central & Eastern Europe • a division of Sharp EuropeA-1020 Vienna, Handelskai 342Phone: +43 / (0)1 / 72 719-0 • Fax: +43 / (0)1 / 72 719-141e-mail: marketing.scee@sharp.euMore info under: www.sharp-cee.com

10321 Security Brochure8.indd 1 04.05.2009 16:27:28 Uhr