Lexmark XC4342 Security White Paper - Page 42

Non-volatile Memory Wipe



Details
This is sufficient protection for most threats because there is no device functionality enabling remote access
to the data. Disk encryption protects against the threat of removing the hard disk from the SFP or MFP, and
attempting to gain access to the data it contains from another device.
When hard disk encryption is activated, the encryption key to be used (256-bit AES symmetric encryption) is
pseudo-randomly generated and stored in a proprietary fashion in a Trusted Platform Module (TPM). The hard
disk is then reformatted with the encryption key. Any data on the disk is lost. Notice that the key, which is unique
to the device, is not stored in the hard disk itself. So, if the hard disk is removed and placed in another Lexmark
device with hard disk encryption enabled, the hard disk attempts to verify its encryption key with the other
device’s encryption key—and it fails.
Because the verified encryption key on the hard disk is different from the device’s encryption key, the device
identifies the failure and asks you to reformat the hard disk with a new encryption key, destroying the existing
encrypted data on the hard disk. When the encryption function is activated, the hard disk is formatted, and all
data on the disk is lost. The encryption is then applied to all data placed on the hard disk at all times.
Non-volatile Memory Wipe
A non-volatile memory wipe erases a printer’s memory. Lexmark devices use two forms of non-volatile memory
—EEPROM and NAND. These components store the device operating system, device settings, network
information, embedded solution applications, various scanner settings, and bookmark settings. No user-related
print, copy, or scan data is stored in non-volatile memory.
Overview
The printer memory erasing function ("Erase Printer Memory", "Wipe All Settings", "Erase all apps and app
settings", depending on the device model) deletes all content stored in the various forms of flash memory on
your device. You can completely clear all settings, solutions, and job data on the device. This function is ideal
when retiring, recycling, or removing a device from a secure environment.
Benefits
  • Device settings are restored to original factory ship selections, removing any setting values that may be
    incorrect.
  • Printer memory erasing enables a complete reset, which permits movement and reinstallation at another
    location with no residual settings retained.
Details
The "Erase Printer Memory" ("Wipe All Settings") function is a tool for erasing all contents stored in the various
forms of non-volatile memory on a device. "Wipe All Settings" is accessed on a device's control panel in the
Configuration menu. "Erase Printer Memory" is accessed via the device's web page in the Restore Factory
Defaults menu (for later EC devices) or the Maintenance menu (for new devices). It is also included in the Out
of Service Wiping (Out of Service Erase) function, which is described in "Out of Service Wiping" later in this
section. Using "Erase Printer Memory" ("Wipe All Settings") completely clears all device settings, including
network and security settings. Installed applications and their settings are removed. (Applications shipped with
a device remain, but their settings are reset.)
The latest line of Lexmark devices allows more granularity for clearing the device’s non-volatile memory.