Lexmark MX931 Security White Paper - Page 46

Out of Service Wiping, Physical Lock Support

Get Lexmark MX931 PDF manuals and user guides View all Lexmark MX931 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 46 highlights

Secure Data 46 You can use the "Sanitize all information on hard disk" command (also called "Complete Wipe Disk" or "Erase Hard Disk") from the Configuration menu (or remotely from the device web page for most devices). Within this menu, the user may select single-pass and multiple-pass erasure, which will erase the hard disk using the same algorithms as for file wiping. Multiple-pass erasure is currently defined to meet NIST/DOD/DOE standards for confidential data. Depending on the product or EC version, the selections are called Wipe Disk (Fast) and Wipe Disk (Secure), or Single Pass and Multi-Pass, or Single Pass Erase and Multiple Pass Erase. When initiating the process, the device is removed from service until the erasure is completed. Erasure progress is displayed. On later firmware versions, the time remaining for completion is displayed while the erasure proceeds. Out of Service Wiping With the Out of Service command, you can use the functions of Wipe All Settings and Complete Hard Disk Erasure (Wiping) in one step when removing a device from service or removing it from a secure environment. To ensure that no customer data remains on the device hard disk, Lexmark recommends that you use both Wipe All Settings and Complete Hard Disk Wiping commands. With the Out of Service command (available in later firmware updates of most devices), you can choose to initiate both of these functions at the same time from either the Configuration Menu or the device Web page. Benefits Provides a simplified process to prepare the device for removal from service or a secure environment Details In later firmware versions, the Out of Service wiping function is available on the device Web page. This selection is visible only if security is enabled (any basic security or advanced security selection), and Security Menu Access Control has been set to use that security template (any setting except No Security). In later firmware update releases this function (called Out of Service Erase) is updated and included on both the Configuration Menu and the device Web page (as part of the Restore Factory Defaults menu). In the updated version, the predicted time for the disk erasure is displayed before the process is initiated, and the time remaining before erasure is completed is displayed while erasure is in progress. Physical Lock Support Overview Lexmark devices support cabled computer locks, which you can use to physically secure the device's critical and sensitive components, such as the controller board and hard disk. Benefits • Protects against malicious access to the device's critical components, such as the hard disk, controller board, optional memory (flash or RAM), fax modem, and network card • Reduces the threat of a hard disk drive being stolen from a device

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
You can use the “Sanitize all information on hard disk” command (also called “Complete Wipe Disk” or “Erase
Hard Disk”) from the Configuration menu (or remotely from the device web page for most devices). Within this
menu, the user may select single-pass and multiple-pass erasure, which will erase the hard disk using the same
algorithms as for file wiping. Multiple-pass erasure is currently defined to meet NIST/DOD/DOE standards for
confidential data. Depending on the product or EC version, the selections are called Wipe Disk (Fast) and Wipe
Disk (Secure), or Single Pass and Multi-Pass, or Single Pass Erase and Multiple Pass Erase. When initiating the
process, the device is removed from service until the erasure is completed. Erasure progress is displayed. On
later firmware versions, the time remaining for completion is displayed while the erasure proceeds.
Out of Service Wiping
With the Out of Service command, you can use the functions of Wipe All Settings and Complete Hard Disk
Erasure (Wiping) in one step when removing a device from service or removing it from a secure environment.
To ensure that no customer data remains on the device hard disk, Lexmark recommends that you use both
Wipe All Settings and Complete Hard Disk Wiping commands. With the Out of Service command (available in
later firmware updates of most devices), you can choose to initiate both of these functions at the same time
from either the Configuration Menu or the device Web page.
Benefits
Provides a simplified process to prepare the device for removal from service or a secure environment
Details
In later firmware versions, the Out of Service wiping function is available on the device Web page. This selection
is visible only if security is enabled (any basic security or advanced security selection), and Security Menu Access
Control has been set to use that security template (any setting except No Security). In later firmware update
releases this function (called Out of Service Erase) is updated and included on both the Configuration Menu
and the device Web page (as part of the Restore Factory Defaults menu). In the updated version, the predicted
time for the disk erasure is displayed before the process is initiated, and the time remaining before erasure is
completed is displayed while erasure is in progress.
Physical Lock Support
Overview
Lexmark devices support cabled computer locks, which you can use to physically secure the device's critical
and sensitive components, such as the controller board and hard disk.
Benefits
Protects against malicious access to the device's critical components, such as the hard disk, controller board,
optional memory (flash or RAM), fax modem, and network card
Reduces the threat of a hard disk drive being stolen from a device
Secure Data
46