Just when you thought it was safe to copy or print a document in the office, something comes along to shake your confidence. Back in the old days, a copier just copied what you put on the glass. It used heat, toner and static electricity to reproduce your document. As long as no one took your copies, your documents and your information were safe.
Then along came digital copiers with their ability to store documents on a hard drive. This was great because you could also email or fax the document after you copied it. The copiers also became printers and scanners which let you do many tasks with the same device. These new multifunction devices or peripherals (MFP), could also become a simple document management system. They stored every document scanned, copied or printed on their hard drive. And you could retrieve them.
These devices became more sophisticated when manufacturers starting putting operating systems on the hard drives. Now with a browser it was easy to configure and manage the device. It could also send alerts when it was jammed or out of toner. The operating system made it easy to run embedded applications on the devices. This created new ways of moving scanned, copied or printed data into business applications. Now you could scan an invoice from an MFP and move the document and the information it contained into an accounts payable system. All of this turned the lowly copier into a sophisticated information management system.
With all of this new found functionality came some new risks. People eventually realized that this new copier is another computer on your network. It has a network card. It has a hard drive. It has an operating system. It has a user interface. It is accessible through a browser, just like a web server. It is vulnerable to the same security issues as any other computer. A user could potentially access anything stored on the hard drive, including all the documents, if security measures were not implemented.
Unfortunately most copiers and MFPs are managed by purchasing or facilities departments and not IT. With recent headlines, like the one where CBS News found sensitive documents on some copiers in a New Jersey warehouse, more IT people are taking notice. Recently, lawmakers in NJ proposed legislation that the hard drives of digital copiers be wiped clean when they are no longer in use by the person or organization that purchased or leased them. The US Congress is also taking notice with a request for the Federal Trade Commission to investigate possible identity theft from digital copiers.
So now your simple copying and printing device is a security threat. Fortunately copier manufacturers have numerous security measures built into their devices. Most come with kits to clean the hard drive after each copy, print or scan or when the customer requests it. Many allow a customer to encrypt all the information on the hard drive, so even if it gets into the wrong hands, it’s useless. Those embedded web servers can locked down so only authorized people can access them.
The good news is with a little education, training and some technology, your digital copier or MFP, can do want you want it to do without being a security hazard. Talk to your IT department to make them aware of the potential vulnerabilities so they can take action. The last thing you want is your confidential information showing up on the evening news.