Konica Minolta bizhub PRESS 2250P bizhub PRESS 2250P Security User Guide - Page 11

2.2 Security Functions 2 Secure print files and authentication print files are not encrypted during transmission from a client PC to the machine. Please implement measures against wiretapping, such as installing a cryptographic communication device or antibugging equipment, in order to protect secure print files and authentication print files. - Qualifications to be an administrator: A supervisor selects a reliable person who has adequate knowledge, technical ability, and experience as an administrator, to whom to delegate administration of the machine. - Guarantee of customer engineer (CE): A supervisor or an administrator can use the Enhanced Security mode after confirming that a service contract has been signed with a customer engineer (CE). Clearly state in the service contract that the customer engineer (CE) will not engage in any fraudulent actions. - Secure LAN: Be sure to connect the machine to a local area network protected by firewall in order to prohibit access from external networks. Be also sure not to have any illicit device connected to the LAN. - An administrator should designate the installation location to be available only for product users. Install the machine in a place securely locked during the night, and during the day in a place that allows the administrator to monitor the machine, so that any parts such as an HDD should not get stolen or any special device such as an internal analyzer should not be hooked up to the machine. Equipment removed from the main body, such as an HDD, should also be managed similar to the main body. - An administrator is required to be present at customer engineer (CE) works such as installation or maintenance. - An administrator should check at regular intervals that the date/time setting is correctly made on the machine. 2.2.3 Description of Enhanced Security Mode Security functions will be enhanced as follows. Protecting and deleting of remaining data after being used There are two types of Image data stored in memory or HDD: AHA compressed data and uncompressed data, which are TIFF format, PDF format, and PS data. The image area of memory or HDD with AHA compressed data will be released after clearing the used data. In normal mode, the data is not completely deleted, which may allow for unauthorized reading of the data. In Enhanced Security mode, the image area of memory or HDD is overwritten with data unrelated to the image before the area is released, irrespective of whether the stored image data is compressed. Enhanced passwords There are 5 different passwords provided for security functions. - CE password - Administrator password - User password - Account password - HDD lock password The CE password and account password should be comprised of 8 alphanumeric characters (the alphabetic characters are case-sensitive). For the administrator password, the following 32 symbols can be used in addition to alphanumerics (casesensitive) to comprise 8 characters: The user password is normally made from 1 to 64 alphanumeric characters (case-sensitive); however, the user password less than 8 characters will be unavailable in the Enhanced Security mode. If you enter 64 or more characters, the last entered character will be identified as the 64th character. The HDD lock password should be made from 8 to 32 alphanumeric characters (case-sensitive). If you enter 32 or more characters, the last entered character will be identified as the 32nd character. As for the CE password, administrator password and account password, the machine recognizes the last entered character as the eighth character if 8 or more characters are entered. The machine in the Enhanced Security mode also refuses any entry for 5 seconds, if a wrong password is entered for one of the 5 passwords mentioned above. bizhub PRESS 2250P 2-4