Konica Minolta bizhub C258 bizhub C368/C308/C258 Security Operations User Manu - Page 14

External authentication server control requirements

Get Konica Minolta bizhub C258 PDF manuals and user guides View all Konica Minolta bizhub C258 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 14 highlights

1.3 Precautions for Operation Control 1 - The administrator of the machine should have the user administrator log on to the User Mode and change his or her password in [Utility] - [User Settings] - [Change Password] if he or she changes the password. - The administrator should make sure that any user does not set any number that can easily be guessed from birthdays, employee identification numbers, and the like for the passwords set for the User Authentication and Secure Print. - The administrator should disclose the Account Password to the user in accordance with the operating environment of the machine and the security policies of the organization on his or her own responsibility. External authentication server control requirements The administrator of the machine and the server administrator are required to apply patches to, or perform account control for, this machine and the external authentication server connected to the office LAN in which the machine is installed to ensure operation control that achieves appropriate access control. This machine can be used only after the user who uses this machine has been registered in the external authentication server. The server administrator should also check registered users at regular intervals to thereby ensure that any unnecessary users are left registered. Security function operation setting operating requirements The administrator of the machine should observe the following operating conditions. - The administrator of the machine should make sure that the machine is operated with the settings described in the installation checklist made properly in advance. - The administrator of the machine should make sure of correct operation control so that the machine is used with the Enhanced Security Mode set to [ON]. - The administrator of the machine should make sure of correct operation control so that the appropriate FW Update (USB) Password is used with [FW Update (USB) Permission Setting] set to [Password Priority]. - When the Enhanced Security Mode is turned [OFF], the administrator of the machine is to make various settings according to the installation checklist and then set the Enhanced Security Mode to [ON] again. For details of settings made by the service engineer, contact your service representative. - When the machine is to be discarded or use of a leased machine is terminated at the end of the leasing contract, the administrator of the machine should use the Overwrite HDD Data function and the Overwrite All Data function to thereby prevent data to be protected from leaking. Operation and control of the machine The administrator of the machine should perform the following operation control. - The administrator of the machine should log off from the Administrator Mode whenever the operation in the Administrator Mode is completed. The administrator of the machine should also make sure that each individual user logs off from the User Authentication mode after the operation in the User Authentication mode is completed, including operation of the Secure Print document, User Box, and User Box file. - During user registration and box registration, the administrator of the machine should make sure that the correct settings are made for the correct users, including functional restrictions and box attributes. - The administrator of the machine should set the Encryption Key and FW Update (USB) Password according to the environment, in which this machine is used. - The administrator of the machine should appropriately control the device certificate (SSL certificate) registered in the machine. - The administrator of the machine should ensure that no illegal connection or access is attempted when the machine is to be connected to an external interface. - The administrator of the machine should appropriately control the file of Job Log (Audit Log) data downloaded to, for example, a PC and ensure that none other than the administrator handles it. - The administrator of the machine should check the Job Log (Audit Log) data at appropriate timing, thereby determining whether a security compromise or a faulty condition has occurred during an operating period. - When generating or deleting Job Log (Audit Log) and Job Log (Audit Log) data, the administrator of the machine should check conditions of using this machine by the user. bizhub C368/C308/C258 1-10

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
bizhub C368/C308/C258
1-10
1.3
Precautions for Operation Control
1
-
The administrator of the machine should have the user administrator log on to the User Mode and
change his or her password in [Utility] - [User Settings] - [Change Password] if he or she changes the
password.
-
The administrator should make sure that any user does not set any number that can easily be guessed
from birthdays, employee identification numbers, and the like for the passwords set for the User Au-
thentication and Secure Print.
-
The administrator should disclose the Account Password to the user in accordance with the operating
environment of the machine and the security policies of the organization on his or her own responsibil-
ity.
External authentication server control requirements
The administrator of the machine and the server administrator are required to apply patches to, or perform
account control for, this machine and the external authentication server connected to the office LAN in which
the machine is installed to ensure operation control that achieves appropriate access control.
This machine can be used only after the user who uses this machine has been registered in the external au-
thentication server. The server administrator should also check registered users at regular intervals to thereby
ensure that any unnecessary users are left registered.
Security function operation setting operating requirements
The administrator of the machine should observe the following operating conditions.
-
The administrator of the machine should make sure that the machine is operated with the settings de-
scribed in the installation checklist made properly in advance.
-
The administrator of the machine should make sure of correct operation control so that the machine is
used with the Enhanced Security Mode set to [ON].
-
The administrator of the machine should make sure of correct operation control so that the appropriate
FW Update (USB) Password is used with [FW Update (USB) Permission Setting] set to [Password Pri-
ority].
-
When the Enhanced Security Mode is turned [OFF], the administrator of the machine is to make various
settings according to the installation checklist and then set the Enhanced Security Mode to [ON] again.
For details of settings made by the service engineer, contact your service representative.
-
When the machine is to be discarded or use of a leased machine is terminated at the end of the leasing
contract, the administrator of the machine should use the Overwrite HDD Data function and the Over-
write All Data function to thereby prevent data to be protected from leaking.
Operation and control of the machine
The administrator of the machine should perform the following operation control.
-
The administrator of the machine should log off from the Administrator Mode whenever the operation
in the Administrator Mode is completed. The administrator of the machine should also make sure that
each individual user logs off from the User Authentication mode after the operation in the User Authen-
tication mode is completed, including operation of the Secure Print document, User Box, and User Box
file.
-
During user registration and box registration, the administrator of the machine should make sure that
the correct settings are made for the correct users, including functional restrictions and box attributes.
-
The administrator of the machine should set the Encryption Key and FW Update (USB) Password ac-
cording to the environment, in which this machine is used.
-
The administrator of the machine should appropriately control the device certificate (SSL certificate)
registered in the machine.
-
The administrator of the machine should ensure that no illegal connection or access is attempted when
the machine is to be connected to an external interface.
-
The administrator of the machine should appropriately control the file of Job Log (Audit Log) data down-
loaded to, for example, a PC and ensure that none other than the administrator handles it.
-
The administrator of the machine should check the Job Log (Audit Log) data at appropriate timing,
thereby determining whether a security compromise or a faulty condition has occurred during an oper-
ating period.
-
When generating or deleting Job Log (Audit Log) and Job Log (Audit Log) data, the administrator of the
machine should check conditions of using this machine by the user.