Lexmark XC4342 Security White Paper - Page 27

Secure Access, Authentication and Authorization, Benefits

Get Lexmark XC4342 PDF manuals and user guides View all Lexmark XC4342 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 27 highlights

Secure Access 27 Secure Access Network scans and printed documents that routinely contain sensitive information-such as financial data, customer or employee identification and account information-are often overlooked when it comes to network security. Lexmark devices include standard features that can substantially reduce the security risk by ensuring that only authorized users have access to the data. Authentication and Authorization When you select a function, such as Scan to E-mail, the MFP can require you to authenticate yourself before proceeding. This limits device access to valid users only and enables the MFP to identify who is performing the function. Lexmark devices support not only user authentication, but authorization as well. This feature allows device administrators to grant individual users and appropriate groups the right to access a particular device function or functions, while restricting other users or groups from using the same functions. With this capability, individual users or group members are able to use their network user name and password to access the device. The device can determine whether the user has access to the appropriate functions, based on the access rights configured by the device administrator. This level of control applies to network access through the device's web server, and to the configuration and use of the device through the touch-screen interface. You can also configure the device to authenticate and authorize users against internal accounts, passwords, and PINs-as well as against a corporate directory through an encrypted channel. These authentication methods are secure over an TLS channel and are compatible with Active Directory and other directory-server platforms. An important aspect of user authentication and authorization is that you can enter your normal, or corporate, user ID and password. You must not, and do not, must remember a special set of information to use a Lexmark device. Instead, the device makes use of the corporate directory to validate your credentials against the standard, centralized database. Benefits The benefits of user authentication and authorization include: • Securing an MFP by limiting who can use its control panel to access functions such as Copy, Color Copy or Scan to Network. • Anonymous e-mail is avoided by inserting the identity of the authenticated user in e-mail generated by the Scan to E-mail function. With additional configuration, the Scan to E-mail function can also limit e-mail to a predetermined destination (for example, [email protected]) so that e-mail cannot be sent to arbitrary destinations. • When network authentication is used, you authenticate your identity by using your normal user name and password, just as if you are logging in to your workstation or laptop. This keeps the process simple and intuitive. • Faxes sent with networked fax servers can automatically send an e-mail confirmation of the fax to the sender's e-mail, because the MFP recognizes who is sending the fax.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
Secure Access
Network scans and printed documents that routinely contain sensitive information—such as financial data,
customer or employee identification and account information—are often overlooked when it comes to network
security. Lexmark devices include standard features that can substantially reduce the security risk by ensuring
that only authorized users have access to the data.
Authentication and Authorization
When you select a function, such as Scan to E-mail, the MFP can require you to authenticate yourself before
proceeding. This limits device access to valid users only and enables the MFP to identify who is performing the
function.
Lexmark devices support not only user authentication, but authorization as well. This feature allows device
administrators to grant individual users and appropriate groups the right to access a particular device function
or functions, while restricting other users or groups from using the same functions. With this capability, individual
users or group members are able to use their network user name and password to access the device. The
device can determine whether the user has access to the appropriate functions, based on the access rights
configured by the device administrator. This level of control applies to network access through the device’s
web server, and to the configuration and use of the device through the touch-screen interface. You can also
configure the device to authenticate and authorize users against internal accounts, passwords, and PINs—as
well as against a corporate directory through an encrypted channel. These authentication methods are secure
over an TLS channel and are compatible with Active Directory and other directory-server platforms.
An important aspect of user authentication and authorization is that you can enter your normal, or corporate,
user ID and password. You must not, and do not, must remember a special set of information to use a Lexmark
device. Instead, the device makes use of the corporate directory to validate your credentials against the
standard, centralized database.
Benefits
The benefits of user authentication and authorization include:
Securing an MFP by limiting who can use its control panel to access functions such as Copy, Color Copy or
Scan to Network.
Anonymous e-mail is avoided by inserting the identity of the authenticated user in e-mail generated by the
Scan to E-mail function. With additional configuration, the Scan to E-mail function can also limit e-mail to a
predetermined destination (for example, [email protected]) so that e-mail cannot be sent to
arbitrary destinations.
When network authentication is used, you authenticate your identity by using your normal user name and
password, just as if you are logging in to your workstation or laptop. This keeps the process simple and
intuitive.
Faxes sent with networked fax servers can automatically send an e-mail confirmation of the fax to the
sender’s e-mail, because the MFP recognizes who is sending the fax.
Secure Access
27