Security Capabilities - Xerox 7655, 7665, 7675 Evaluator Manual

SECURITY CAPABILITIES

EVALUATE
What type of
meet this demand? Can device access be
drives and in memory? Does the MFP vendor participate in
HOW THE XEROX WORKCENTRE
ADVANTAGE
XEROX
EXCEEDS THE SECURITY CAPABILITIES REQUIREMENT
Built-in Security
Xerox is committed to the security of its products and takes a unique approach to security within the
document industry: Xerox believes security should be built in as a core component of the MFP
system and its controller.
The WorkCentre 7655/7665/7675 series offers built-in security features for physical and network-based
access controls, user authentication, usage tracking, file encryption, and file deletion to fully comply
with the IT organization's information security policies. This is accomplished through intelligent design
architecture that complies with stringent industry security standards and increasing regulations in the
government, military, health care (HIPAA), legal (Sarbanes-Oxley), financial (Gramm-Leach-Biley Act) and
pharmaceutical (FDA 21 CFR Part 11) sectors. The security capabilities of WorkCentre 7655/7665/7675
series MFPs can be further extended with solutions from Xerox Business Alliance Partners.
Security features of the WorkCentre 7655/7665/7675 series include:
• 802.1x Support —
• Analog Fax and Network Isolation —
• Authentication
• Firewall —
• Image Overwrite Security —
• Internal Security Audit Log —
14
WORKCENTRE 7655/7665/7675 EVALUATOR GUIDE
does your office require? Does the device have the
security requirements
Ensures devices connected to the network are properly authorized
the network connection to foil incoming attacks
- System Administrator Authentication —
to administrative web pages to be restricted to authorized employees. Device Access Password
Protection further restricts access to device setup screens and remote network settings
- Network Authentication —
network user names and passwords
- Copy Auditron — Restricts user access to the device, sets limits for users and groups, tracks
jobs and provides reports
Restricts access via IP Address Filtering, Domain Filtering,
and Port Blocking
Electronically erases data that has been
processed to the hard disk in print, copy, scan, and fax modes using
a three-pass algorithm specified by U.S. Department of Defense
Directive 5200.28-M at regular, pre-selected times
satisfying the needs of organizations that must provide logging of the
transfer of Personally Identifiable Information per regulations like
HIPAA, Sarbanes-Oxley, Gramm-Leach-Bliley Act, and more
? Does the device
password protected
® 7655/7665/7675 SERIES
Controller architecture isolates the fax telephone line and
The WorkCentre 7655/7665/7675 series allows access
Manage access to copy, scan, email, and fax features by validating
Permits tracking of activity at the device,
security features
remove latent images
third-party testing and certification
Common Criteria Certification:
The National Information Assurance
Partnership (NIAP) is a U.S. government ini-
tiative to meet the security testing of
Common Criteria, and is a collaboration
between the National Institute of Standards
and Technology (NIST) and the National
Security Agency (NSA). Common Criteria
for IT Security Evaluation is an interna-
tionally recognized methodology (ISO
15408) for evaluating the security claims of
hardware and software vendors. The five
major elements of Common Criteria are
availability, integrity, confidentiality,
accountability and nonrepudiation.
to
on disk
?