Precautions For Operation Control; Roles And Requirements Of The Administrator; Password Usage Requirements; Network Connection Requirements For The Machine - Konica Minolta bizhub C35 User Manual

1.4

Precautions for Operation Control

1.4 Precautions for Operation Control
This machine and the data handled by this machine should be used in an office environment that meets the
following conditions.

Roles and Requirements of the Administrator

The Administrator should take full responsibility for controlling the machine, thereby ensuring that no improp-
er operations are performed.
<To Achieve Effective Security>
- A single individual person who is capable of taking full responsibility for controlling the machine should
be appointed as the Administrator to make sure that no improper operations are performed.
- When using an SMTP server (mail server) or an DNS server, each server should be appropriately man-
aged by the Administrator and should be periodically checked to confirm that settings have not been
changed without permission.

Password Usage Requirements

The Administrator must control the Administrator Password, auth-password, and priv-password appropriate-
ly so that they may not be leaked. These passwords should not be ones that can be easily guessed. The user,
on the other hand, should control the Secured Job Password and User Password appropriately so that they
may not be leaked. Again, these passwords should not be ones that can be easily guessed.
<To Achieve Effective Security>
- Make absolutely sure that only the Administrator knows the Administrator Password, auth-password,
and priv-password.
- The Administrator must change the Administrator Password, auth-password, and priv-password at
regular intervals.
- The Administrator should make sure that any number that can easily be guessed from birthdays, em-
ployee identification numbers, and the like is not set for the Administrator Password, auth-password,
and priv-password.
- If a User Password has been changed, the Administrator should have the corresponding user change
the password as soon as possible.
- If the Administrator Password has been changed by the Service Engineer, the Administrator should
change the Administrator Password as soon as possible.
- The Administrator should have users ensure that the passwords set for the User Authentication and Se-
cured Job are known only by the user concerned.
- The Administrator should have users change the passwords set for the User Authentication at regular
intervals.
- The Administrator should make sure that any user does not set any number that can easily be guessed
from birthdays, employee identification numbers, and the like for the passwords set for the User Au-
thentication and Secured Job.
- Upon change of the Administrators, the old Administrator of the machine should promptly have the new
one change the Administrator password.

Network Connection Requirements for the Machine

If the LAN is to be connected to an outside network, no unauthorized attempt to establish connection from
the external network should be permitted.
<To Achieve Effective Security>
- If the LAN, in which the machine is installed, is connected to an outside network, install a firewall or
similar network device to block any access to the machine from the outside network and make the nec-
essary settings.
- Provide an appropriate network control at all times to make sure that no other copying machine is con-
nected without prior notice to the office LAN to which this machine is connected.

User information control system control requirements

The administrator of the machine and the server administrator are required to apply patches to, or perform
account control for, this machine and the user information control system connected to the office LAN in
which the machine is installed to ensure operation control that achieves appropriate access control.
bizhub C35
1
1-6