Kyocera ECOSYS P2235dn Kyocera Fleet Services KFS Security White Paper - Page 21

Security and Safeguards

Get Kyocera ECOSYS P2235dn PDF manuals and user guides View all Kyocera ECOSYS P2235dn manuals
Add to My Manuals
Save this manual to your list of manuals

Page 21 highlights

KYOCERA Fleet Services Security White Paper Security and Safeguards In today's data-intensive workplace, protection of your valuable information assets is of paramount importance. To safeguard these assets, KFS employs a variety of robust security features that safeguard communication between KFS components and devices. • Data Storage • Data Transfer • Regulatory Compliance • Data Communication • User Account Management • Microsoft Azure Security • Data Access Control • Identification and Authentication Data Storage Sensitive information assets stored in KFS components-KFS Manager, KFS Gateway, KFS Device and KFS Mobile-are encrypted with the following algorithms and bit strength. Encryption Algorithm: Advanced Encryption Standard (AES) Key Length: 128-bit, 256-bit The sensitive information assets stored in KFS Mobile indicates, for example, user password of KFS Manager, refresh token for setting up a secure communication channel with KFS Manager, and password for proxy server authentication. Important: Device data only contains information necessary for management and maintenance of the devices. It does not contain the customer's image data or personal information, such as address book. Data Communication KFS encrypts communication data using HTTPS protocol, whether a user is accessing data via KFS Manager or data is being transferred between a device and other KFS components. HTTPS protects KFS communication data streams from masquerading, tapping or modification, as all KFS components are mutually authenticated. KFS send and receives encrypted data to and from devices via the internet or local area network (LAN). • KFS Communication via Internet KFS network communication is set up by XMPP server and KFS Manager in the cloud. XMPP protocol uses HTTPS protocol for data transport. XMPP protocol is used for the communication between KFS Manager and XMPP server in the cloud or for the communication between KFS Gateway/KFS Device and XMPP server over the firewall. • KFS Communication via LAN Web service through HTTPS is used between KFS Gateway and devices. Between KFS Gateway and the device, a secure communication is set up using SNMPv3 which authenticates and encrypts SNMP packets flowing on the network. The communication via LAN is controlled by setting a range of subnet mask, IP address and host name. There is no unintended transmission via the network. • Communication Between KFS Components One-to-one secure communication between KFS Mobile and devices can be set up via encrypted Bluetooth, Wi-Fi Direct or USB, without passing through the LAN. 20 | P A G E

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
KYOCERA Fleet Services
Security White Paper
20 |
PAGE
Security and Safeguards
In today’s data-intensive workplace, protection of your valuable information assets is of paramount
importance. To safeguard these assets, KFS employs a variety of robust security features that safeguard
communication between KFS components and devices.
Data Storage
Data Communication
Data Access Control
Data Transfer
User Account Management
Identification and Authentication
Regulatory Compliance
Microsoft Azure Security
Data Storage
Sensitive information assets stored in KFS components–KFS Manager, KFS Gateway, KFS Device and KFS
Mobile–are encrypted with the following algorithms and bit strength.
Encryption Algorithm:
Advanced Encryption Standard (AES)
Key Length: 128-bit, 256-bit
The sensitive information assets stored in KFS Mobile indicates, for example, user password of KFS Manager,
refresh token for setting up a secure communication channel with KFS Manager, and password for proxy
server authentication.
Important
: Device data only contains information necessary for management and maintenance of the devices.
It does not contain the customer’s image data or personal information, such as address book.
Data Communication
KFS encrypts communication data using HTTPS protocol, whether a user is accessing data via KFS Manager
or data is being transferred between a device and other KFS components. HTTPS protects KFS
communication data streams from masquerading, tapping or modification, as all KFS components are mutually
authenticated.
KFS send and receives encrypted data to and from devices via the internet or local area network (LAN).
KFS Communication via Internet
KFS network communication is set up by XMPP server and KFS Manager in the cloud. XMPP protocol uses
HTTPS protocol for data transport. XMPP protocol is used for the communication between KFS Manager
and XMPP server in the cloud or for the communication between KFS Gateway/KFS Device and XMPP
server over the firewall.
KFS Communication via LAN
Web service through HTTPS is used between KFS Gateway and devices. Between KFS Gateway and the
device, a secure communication is set up using SNMPv3 which authenticates and encrypts SNMP packets
flowing on the network. The communication via LAN is controlled by setting a range of subnet mask, IP
address and host name. There is no unintended transmission via the network.
Communication Between KFS Components
One-to-one secure communication between KFS Mobile and devices can be set up via encrypted
Bluetooth, Wi-Fi Direct or USB, without passing through the LAN.