The Sharp Security Suite - Biuro mašinos › wp-content › uploads › 2016 › 03 › ... · An...
Transcript of The Sharp Security Suite - Biuro mašinos › wp-content › uploads › 2016 › 03 › ... · An...
The Sharp Security SuitePowerful protection for your information assets
Security Solutions
10321 Security Brochure8.indd 2 04.05.2009 16:27:29 Uhr
THE SHARP SEcuRiTy SuiTE
UnDERStAnDing EvERyDAy SECURity RiSkS
today’s office multifunction systems are fast, versatile and easy
to use. All day, every day, they routinely copy, print, scan and
fax any and every type of document: including the most
confidential ones. Unfortunately, unsecured MFPs can pose a real
security risk.
not only do they store copies of thousands of possibly sensitive
documents on their hard disks, but multifunction systems
can be vulnerable to internal and external network attacks.
What’s more, their advanced features make it easy for sensitive
information to be copied and distributed beyond the boundaries
of the enterprise.
Confidential reports, personal information, customer data,
financial statements, employee records: they all need protecting
from a whole range of different vulnerabilities and threats.
common vulnerabilities
Some of the most common vulnerabilities associated with an
unsecured MFP include:
• Loss of productivity
• Regulatory non-compliance
• Loss of access
• Stolen information
• Lawsuits
• Unauthorised use.
internal threats
As soon as a document has been created it becomes susceptible
to loss or theft. it can be copied from the MFP’s internal hard
disk, for example. Or faxed to a third party. Or simply just taken
from the output tray, perhaps accidentally. And, of course, MFPs
are a convenient tool for getting hard copies of confidential
information wherever it is on the network.
SEcuRiTyRiSKS
Bertl’s Best 2008 Most Secure MFP Range for 5 consecutive years
BLi 2006 Pick of the year MX-FRX1 Data Security kit
10321 Security Brochure8.indd 3 04.05.2009 16:27:40 Uhr
External threats
information contained in stored documents and scan or print
data can be intercepted across Wide Area networks, virtual
Private networks and the internet. it’s even possible for a hacker
to use the MFP to launch a denial of service attack or to plant
a virus. Fax lines and LAn connections can also increase the
potential for data being intercepted by third parties who could
be located anywhere in the world.
Multi-layered security with the Sharp Security Suite
the Sharp Security Suite defends against common vulnerabilities
and internal and external threats alike, by providing multiple
levels of security across fi ve key areas:
MULti-LAyERED
SEcuRiTySOLuTiONS
DAtA SEcuRiTy
nEtWORk SEcuRiTy
ACCESS COntROL SEcuRiTy
DOCUMEnt SEcuRiTy
AUDit tRAiL SEcuRiTy
1
2
3
4
5
10321 Security Brochure8.indd 4 04.05.2009 16:27:46 Uhr
DAtA SECURity
An unsecured MFP poses two main threats to the security of
your data: the information stored on its internal hard disk, and
the ease with which documents can be copied, faxed or
emailed to third parties. the Sharp Security Suite defeats both
types of threat.
Data Security Kit
the optional Data Security kit, which was the industry’s first
Common Criteria certified solution of its type, makes it virtually
impossible to intercept or recover data from the internal hard
drive. the Advanced Encryption Standard algorithm (AES) is
applied to all data as it is written to the hard disk, RAM or Flash
memory.
the Data Security kit also eliminates residual data by overwriting
it up to seven times with a series of random values. For added
convenience, the Data Security kit can be configured to
overwrite data in three ways:
• automatically, when the device is powered up
• automatically, after each print/copy/fax/scan
• manually on-demand.
Document control
the Document Control*1 function of the Data Security kit works
by adding a barely visible data pattern to documents created by
a Sharp MFP equipped with the Data Security kit*2. if someone
attempts to copy or scan one of these documents the job will be
cancelled or a blank page produced and an email alert will be
sent to the administrator.
THE SHARP SEcuRiTy SuiTE
AT A GLANcE
• Encryptsdataasitiswrittentotheharddisk,RAMorFlashmemory
• Securelyerasesresidualdata,preventingitsrecovery
• Preventsunauthorisedscanningandcopyingofdocuments
Embeds copy prevention data onto the document when it is first copied or printed
COPY PROTECTED
JOB IS CANCELLED
Recognises an unauthorisedattempt to make a copy
*1 Requires optional Data Security kit.
*2 Please contact your local Sharp representative for a list of compatible MFPs.
DAtASEcuRiTy KiT
10321 Security Brochure8.indd 5 04.05.2009 16:27:48 Uhr
* Please contact your local Sharp representative for a list of compatible MFPs.
COMMOn CRitERiA
Common Criteria is an international standards evaluation
programme that was introduced to validate the information
Assurance claims of manufacturers through standards such as
iSO 15408, a set of evaluation standards for security products
and systems established by the Common Criteria.
Common Criteria evaluations range from Evaluation Assurance
Level (EAL) 1 to 7 with EAL 1 to 4 being most relevant for
commercial security products.
The world’s first and highest rated MFPs
Sharp was the world’s first MFP manufacturer to achieve
Common Criteria certification and was also the first to receive
EAL4 for a data security kit. Maintaining a lead as the highest
rated company in certified MFP products, Sharp continues to be
regarded as one of the industry’s greatest security innovators.
today, businesses and government agencies around the world
are depending on Sharp to keep their confidential data safe
from unauthorised access.
DOCUMEnt SECURity
Any document that is scanned and then emailed is potentially
vulnerable to accidental or deliberate interception by
unauthorised third parties. So it makes sense to encrypt sensitive
documents before you send them.
Suitable for scanning to e-mail, FtP, Desktop, HDD and USB,
Sharp’s Encrypted PDF function* uses RSA technology to
encrypt the file before it is sent. the user is prompted to create
a password at the time of scanning and the recipient can only
view the file if he or she knows the correct password.
An additional layer of security is provided by the use of Secure
Sockets Layer (SSL), which encrypts all information in the data
stream, protecting documents in the print queue as well as
any information being exchanged between the MFP and the
administrator using the web interface.
AT A GLANcE
• Safeguardsscanneddocumentsfrominterceptionbythirdparties
• Preventsunauthorisedprintingorviewingofconfidentialdocuments
• Encryptsallinformationinthedatastream
MX-FRX1 ver. M.10 MX-FRX7 ver. S.10
MX-FRX2 ver. M.10 MX-FRX8 ver. M.10
MX-FRX3 ver. M.10 MX-FRX9 ver. M.10
MX-FRX5 ver. M.10 AR-FR24 ver. M.10
MX-FRX6 ver. M.10 AR-FR25 ver. M.10
cOMMONcRiTERiA
vALiDAtiOn ENcRyPTED PDF
10321 Security Brochure8.indd 6 04.05.2009 16:27:51 Uhr
THE SHARP SEcuRiTy SuiTE
nEtWORk SECURity
Sharp MFPs are equipped with an intelligent network interface
that provides a secure firewall to each MFP, preventing
unauthorised access to configuration and network settings.
Access can be controlled at three levels:
• iP address filtering - limits access to a select number of
predefined addresses
• MAC address filtering - limits access to specific PCs regardless
of their iP address
• tCP/iP services blocking - blocks specific communications
protocols and gives administrators the ability to close
vulnerable ports and disable the embedded home page of
the device.
Communication to and from the MFP can also be protected
with Secure Sockets Layer (SSL) for secure transmission across
the network, and most devices support SMB, iPv6, iPSec and
SnMPv3. in addition, many recent Sharp MFPs also support
iEEE802.1X, which helps maintain a high level of security by
blocking access from unauthorised devices.
Fax Security
Penetration of the network via an open fax line, and the
subsequent exploitation of an unsecured network interface by a
determined hacker, is often considered a risk. the good news is
that the architecture of Sharp MFPs eliminates the vulnerabilities
that are commonly found in unsecured machines, removing the
possibility of an attacker gaining dial-up access to the internal
systems.
We’ve designed our MFPs in such a way that the fax modem
controller is physically separate from the other controllers and
we’ve also made sure that it can’t run any external code. not
only is the fax system independent of all the other functions
but it will only respond to specific fax transmission protocols,
terminating all others automatically.
AT A GLANcE
• Preventsnetworkattackswithasecurefirewall
• Allowsaccesstoberestrictedtoknowncomputers
• Eliminatestheriskposedbyfaxtelephonelines
SEcuRE FiREWALL
10321 Security Brochure8.indd 7 04.05.2009 16:27:52 Uhr
ACCESS COntROL SECURity
Limiting access to the MFP to known users is a crucial step in
safeguarding your confidential information. the Sharp Security
Suite adds a top-level of security by defending against both
walk-up and network-based access by unauthorised personnel.
Walk-up access to the MFP is controlled by requiring the user to
enter a unique alphanumeric password at the start of every job.
network access is limited to registered users with valid network
accounts, identified by a username/password combination that
is authenticated against an LDAP or Active Directory Server. All
user credentials are transferred using a proven combination
of kerberos, SSL and Digest-MD5 encryption to help avoid
interception.
in addition, the scan-to-email and fax functions can be limited
to pre-approved addresses to prevent documents being sent to
unauthorised recipients.
AUDit tRAiL SECURity
the final step in achieving all-round security for your MFPs is to
keep a record of who uses them.
Sharp MFPs can use an internal job log or third party software
to provide a full audit trail that logs the identity of each user,
the time of use and details of the specific functions that were
performed. in addition, when documents are scanned to
email, the user’s email address is automatically added to the
“from” field and a blind copy sent, if required, to the network
administrator.
JOBLOg
AT A GLANcE
• Defendsagainstwalk-upandnetworkattacks
• Preventsoperationbyunknownorunauthorisedusers
• Preventsscanneddocumentsfrombeingemailedto unknownaddresses
AT A GLANcE
• ProvidesadetailedrecordofwhohasusedtheMFPandwhen
• Logsalloperationsincludingcopying,scanningandemailing
• Recordsdetailsoffilenamesandemaildestinations
AccESSCOntROL
10321 Security Brochure8.indd 8 04.05.2009 16:28:08 Uhr
SHARP PARTNER
PROGRAM
Design and specifications are subject to change without prior notice. All information was correct at time of print. All other company names, product names and logotypes are trademarks or registered trademarks of their respective owners. © Sharp Corporation 2009 Ref. Security Suite_April09. All trademarks acknowledged. E&OE.
Sharp Central & Eastern Europe • a division of Sharp EuropeA-1020 Vienna, Handelskai 342Phone: +43 / (0)1 / 72 719-0 • Fax: +43 / (0)1 / 72 719-141e-mail: [email protected] info under: www.sharp-cee.com
10321 Security Brochure8.indd 1 04.05.2009 16:27:28 Uhr