Xerox Product Security Data Protection: Image Overwrite, Encryption and Disk Removal

General Purpose and Audience

Xerox Corporation nor Xerox devices could possibly know what information is sensitive to your business. This document is intended to provide users of Xerox products accurate and actionable information to help them evaluate and manage risks associated with image data stored to disk drives or other non-volatile memory.(The latest version of this document is always posted publicly at www.xerox.com/diskdrive)

Summary Information

Xerox copiers, printers and multifunction products are intelligent devices that contain a computer and the necessary software that allows them to accomplish the many productivity-enhancing tasks that have become so valuable to today’s workplaces. These internal computers may have a disk drive or other non-volatile storage where image data is written during job processing, or where it may be stored for later reprint. From the introduction of the first digital products Xerox has recognized the risk of retained data being inappropriately recovered from non-volatile storage and built features and countermeasures into our devices to help customers safeguard their data.

Xerox has taken information security seriously for years. An excellent source for security information is http://www.xerox.com/security, where information including security bulletins and patch information, US-CERT advisories, white papers, and videos on what customers can and should be doing to mitigate security risks can be found. Xerox provides detailed information about internal product workflows and the algorithm used for image overwrite in Information Assurance Documents which are available for many products at the website or as requested for older products.

Different devices represent different levels of risk. It’s axiomatic that as functionality increases so does the potential risk. For those devices, countermeasures are built into the machine to reduce the risk. 

  • Not all copiers have hard disk drives. Those that do not are not at risk. 
  • Some copiers and multifunction devices have hard disk drives, but do not use the hard disk drive to save document images. These are also not a risk.
  • Those copiers and multifunction devices that do use hard disk drives to temporarily store images, should have an "image overwrite" feature that destroys the copied image immediately." That function should be built in, (which Xerox does), or installable via a security kit. If neither solution exists for the product, it is at risk.
  • Also, most copiers and multifunction devices that have hard disks include a disk encryption feature which encrypts all stored customer image data with the state-of-the art AES encryption algorithm.
  • Xerox has developed a disk removal program so that prior to a device being returned a Xerox technician will remove the disks and leave them with the customer. This program charges a flat fee per machine for the service. Contact Xerox Customer Support for information on fees and availability in your geography.

Executive Summary for Managers' Perspective

Are your customers happy? It depends who you ask.

Every business strives to deliver a great customer experience but how much room exists for improvement?

Surprisingly, employees believe there’s more room to improve customer service capabilities than managers do when it comes to their communications systems, document handling and process support.

This counterintuitive insight emerged from new global research conducted for Ricoh Company, Ltd. by Forrester Consulting. Ricoh commissioned Forrester Consulting to evaluate the importance and business impact of document and process support at the point of service. Its findings, compiled in the Thought Leadership paper “The New Workplace Reality; Enterprises Must Capture the Soul and Spirit of the Emerging Worker” reveals disparity between managers’ and employees’ views of customer service capabilities.

Among Forrester’s key findings:

The research focused on customer communications to test whether they satisfied expectations for good service regardless of how a customer contacted a company, e.g., via smart phone, website or email. It revealed that customer-facing workers surveyed — e.g., bank clerks, call center operators, nurses, bank managers and shop supervisors — were more likely to see flaws in the customer service they’re able to provide than their managers are. By a factor of more than 2 to 1 over their managers (28 percent to 12 percent), customer-facing workers felt constrained by “older systems” that sometimes forced customers to communicate with the company in ways they didn’t want to. Yet by a factor of nearly 3 to 1 (43 percent to 17 percent), managers thought their customer-facing workers communicated well with customers through both old and new channels.


Hard Disk Security for Printers, MFPs, and Copiers - What You Need to Know to Protect Your Confidential Information

It’s common knowledge that computers store information on hard disk drives. What’s not as well known is that some printers and most multifunction printers (MFPs) and copiers also contain hard disk drives that record and store data. Residual data that may remain on the disk after printing, copying, etc. could pose a security risk.

Your confidential data at risk

Recent reports on the CBS Evening News and 60 Minutes demonstrated the security risks to data stored on MFP hard disk drives. In these reports CBS recovered dozens of pages of confidential information stored on MFPs, warehoused in several used equipment facilities.

The purpose of this document is to help Xerox customers become more secure in their knowledge of hard disk security issues and solutions. Understanding the potential risks and safeguards—and the advantages Xerox products provide—will help you prevent the loss of valuable intellectual assets and confidential data.

Printer, MFP and copier hard disks

Digital information is transmitted to a printing device by a computer over a network, by scanning, or through a telephone line. Often this data is stored on a hard disk drive. This storage capacity enables the device to print faster and multitask—perform more than one function (print/copy/scan) simultaneously.


HP Converged Storage

Executive summary

Every two years, the data we generate roughly doubles. By 2015, the total worldwide cumulative digital archive capacity is projected to be at 300,000 petabytes. As the amount of information we generate grows, and as our relationship with information grows more complex, the race to innovate new products and services to help us harness information, manage it, and tap into it more easily intensifies. This paper discusses the continuing development of HP’s strategy for delivering Converged Storage that improves the ability of your business to capitalize on information. Building on the foundation provided by fusing industry-standard technologies, federated scale-out software, and converged management, HP is now extending Converged Storage into new solutions and segments with a new initiative that introduces the next evolution of this HP Converged Storage strategy and vision.

The changing role of IT

Every seven to 10 years, technology delivery undergoes a tectonic shift—one that opens up new business and access models. These shifts change the way that technology is consumed and the value that it can bring, and change what is possible by removing inhibitors to innovation. Examples of these shifts are all around us today—mobility, social media, big data, and the advent of cloud computing to name a few. These shifts offer new opportunities for solving our most pressing challenges, including speeding innovation, enhancing agility, and improving financial management. These shifts can unleash the power of IT to not only support but also help shape business.

However, these shifts also present challenges. In order to derive the most value out of your IT investment, your business must not only have a strategy in place for coping with the massive data growth that faces today’s IT organizations, but one that allows you to exploit these new technology areas. Within the context of the data center, this means that your data center today needs a lot more from storage than simply serving your data. In fact, your storage requirements are likely to span all three of the following needs (figure 1):


Xerox Partner Print Services Security Document Overview

Network and data security is one of the many challenges that businesses face on a daily basis. Recognizing this, Xerox continues to engineer and design all of its products and services to ensure the highest-possible level of security.

There are several documents that will help you feel confident about the security levels of the Xerox Partner Print Services (XPPS) technology and better understand how it functions. These documents will help you evaluate and approve the use of the XPPS software in your network environment.

As a service provider utilizing the Software as a Service (SaaS) model, Xerox understands the importance of security and risk management. This white paper details the security controls employed in the Xerox hosting environment. It covers both physical and electronic controls. Additionally, it covers related elements, including data backup and disaster recovery.


HP Integrated Lights-Out Security


HP Integrated Lights-Out (iLO) has been widely accepted as the standard for remotely managing the servers in data centers. Most HP ProLiant and Integrity servers include an autonomous iLO management processor on the system board. The iLO processor and firmware let you securely configure and monitor a server locally or remotely over a management network.

This brief addresses a key concern of data center management: security. iLO ensures that your server hardware, firmware, communication interfaces, and deployment capabilities are secure. This brief describes the utilities and services providing access points into iLO or its host system. It also describes how iLO’s design protects against access risks.

This brief covers the following versions:

  • iLO 3 v1.0 and 1.05
  • iLO 2 v1.60
  • iLO v1.91

It does not apply to the LO-100 processors in ProLiant 100-series servers.

Protected access to iLO and sensitive information

The iLO user interface includes multi-layer security: authentication, authorization, data integrity, and privacy.

iLO firmware is digitally signed with a private key. Unauthorized code, including anti-virus software, may not be allowed to execute.

Authentication determines who is at the other end of the network connection. iLO authenticates users with 128-bit Secure Socket Layer (SSL) encryption.


Xerox® Product Security Keep Your Data Safe On Tax Day and Every Day.

April 15th has all of us gathering private, personal data—and copying, printing, faxing and scanning sensitive documents. You can be certain this, and all confidential data, remains secure for you, your employees and your customers by enabling security features available with most Xerox® equipment. From income figures to Social Security Numbers and more, we offer the data protection you need and your customers expect.

“Secure” features and options

As you may know, many of our products have hard drives. Your image data is written on the hard drive during job processing or it may be stored for reprinting later. But did you know that many of those products also have standard features that you can enable or options you can add to protect your data? For example:

  • Disk encryption protects your user data at rest on the hard drive from unauthorized access, ensuring your data is not inappropriately recovered.
  • You can use Image Overwrite to remove user data from your Xerox® product’s hard drive when you no longer need it.

What’s more, many of our products are also Common Criteria certified. This internationally recognized certification, a requirement for hardware and software devices used by the Federal government on national security systems, offers you an added layer of confidence.


Equitrac Enhances Document Accounting Offering for the Office, Educations, and Legal Markets


Equitrac's document accounting systems product line continues to evolve. In its latest announcement, the company is in a solid position to maintain a market leadership role for cost recovery applications (e.g., legal and other professional services) and to take advantage of the problem of unmanaged document costs and pay-for-copy/print opportunities. Equitrac has done well in the established cost recovery markets and has shown signs of success for document accounting in the emerging general office and education markets. Keys for future success lie in: 
  • A growing market interest in tracking hardcopy usage. Many organizations are beginning to recognize the high costs associated with producing documents on paper. If left unmanaged and untracked, document costs can spiral out of control. Equitrac technology helps identify excessive costs or waste associated with copying and printing so that organizations can better manage and/or reduce the costs of producing hardcopy documents. 
  • Ongoing product evolution. Equitrac continues to add several new or enhanced features to its document accounting system software to bring greater cost efficiencies for the office, education, and professional services markets. 
  • Embedded technology developments. Equitrac has partnered with several hardcopy market leaders including Canon, eCopy, EFI, HP, Ricoh Sharp, and Xerox to develop embedded Equitrac solutions for these vendors' products. 
  • Building on a market leadership position. Equitrac has an established market leadership role in the cost recovery market. As an example, most of the top U.S. law firms use Equitrac technology. Additionally, the company claims an impressive base of more than 10,000 customers worldwide. 

HP 3PAR Thin Technologies


Balancing the storage needs of new projects or of unpredictable workloads against limited resources is the prime challenge of IT managers today. Of the many proposed solutions for improving storage efficiency, few are actually implemented. Of those implemented, fewer still achieve demonstrable success.

Thin provisioning has achieved widespread adoption as it dramatically increases capacity efficiencies. It has become a data center “must have” for its ability to break the connection between logical and physical capacity. However, not all thin-provisioning implementations deliver the same results. Some are complex to deploy, while others use coarse allocation units and cannot deliver the required space savings.

Thin provisioning allows a volume to be created and made available as a logical unit number (LUN) to a host without the need to dedicate physical storage until it is actually needed. HP 3PAR Thin Provisioning software has long been considered the gold standard in thin provisioning for its simplicity and efficiency. Unlike other “bolt-on” implementations, HP 3PAR Thin Provisioning software is simple and efficient, helps your organization start new projects more quickly and on demand and save millions of dollars. HP 3PAR Thin Provisioning leverages the dedicate-on-write approach of HP 3PAR StoreServ Storage, allowing enterprises like yours to purchase only the disk capacity they actually need. HP 3PAR Thin Provisioning integrates seamlessly with VMware vSphere, Windows® Server 2012, Red Hat Enterprise Linux, and Symantec Veritas Storage Foundation—greatly enhancing the operative and administrative efficiency of these platforms.

While HP 3PAR Thin Provisioning software is extremely simple to deploy and use, a certain amount of planning is advantageous to maximize its benefits. This paper documents best practices on thin provisioning on HP 3PAR StoreServ Storage and is intended for administrators looking to get the most out of their HP 3PAR StoreServ deployment. In addition, it describes other HP 3PAR thin technologies that you can use in conjunction with HP 3PAR Thin Provisioning software to maximize its effectiveness. Unique to HP 3PAR StoreServ, HP 3PAR Thin Conversion software enables you to reduce capacity requirements by 50 percent or more by deploying HP 3PAR StoreServ in place of legacy storage.

Outsourcing Network Support: The Surprising Strategy That Helps You Spend Less for Higher Uptime

Executive Summary

Today, network support is a fundamental aspect of every organization because network performance has a direct effect on profitability and customer service. This white paper examines why large organizations tend to outsource network support, and explains why small and mediumsized businesses (SMBs) should pursue the same strategy: to gain critical advantages in costefficiency, end-user productivity, and network uptime.

Network support services range from one-time projects to complete management of the tools and technology required to keep a network running: hardware, software, and infrastructure. Large organizations tend to outsource these services because they are complex and expensive to deliver internally, and because outsourcing creates opportunities to maximize return on investment from technology while reducing operating costs.

In SMB environments, network support is typically assigned to a single person or a small team. During times of peak network stress, this lack of internal resources creates significant problems. Outsourcing network support in SMB environments helps alleviate this problem, and allows each organization to pay only for what it needs. Important services for SMBs to consider for outsourcing include management of hardware, document output, software, and infrastructure, as well as offsite services such as remote monitoring, remote maintenance, and managed security.

There are four ways to build a case for outsourcing network support, all of which will appeal to an executive audience: 1. Outsourcing enables organizations to reallocate resources; 2. Outsourcing helps reduce operating expenses; 3. Outsourcing delivers critical competitive advantages; and 4. Outsourcing makes it easier to take advantage of new technology.