• Home
  • Device Security

Device Security

Endpoint protection is table stakes for any organization.

For cyber criminals printers, multifunctional devices and any other office equipment having contact with the outside is the low hanging fruit and can become the first target for exploitation in the pursuit of breaching a company’s perimeter. The good news is that Canon imageRUNNER ADVANCE multifunctional devices include extensive security features to help an organization “harden” their print fleet.

These risk mitigation actions can include closing un-used communication ports, encrypting hard disk drives and data flow protocols which are designed to help minimize the exposure of networked devices. Our expert field engineers can help you take steps to protect your document workflow without compromising the productivity and efficiency of your workforce.

Protocol Security - Hardening the Device

Throughput has always been paramount to an efficient document capture, process and output workflow. In today’s environment, a secure throughput architecture is even more critical. Organization administrative staff should make best efforts to ensure that the features that comprise MFP device protocols are configured appropriately to assist with minimizing the risk associated with being exploited by bad actors.

For more information or to request Device Hardening Services please contact your local Canon Solutions America representative or click here to have someone contact you.

Hardware Security - Protecting Data at Rest

Today most MFP systems hard disk drive (HDD) protection features offer several options to keep data safe. An example of this would be a tamper proof Trusted Platform Module (TPM) and HDD Data Encryption to help ensure that your data is encrypted before storing it on the resident hard drive. Take advantage of the extended HDD options to protect data at rest on the device.

  • HDD Data Erase - Delete Job Data after each task by overwriting the null data or random data. Deletion Mode: Once with null data, Once with random data, 3 times with null data, or the DoD standard
  • With a HDD Data Erase Scheduler (Optional) you can set a daily, weekly and monthly schedule for overwriting temporary data on HDD
  • HDD Initialize – Overwrite modes supported for the HDD Initialize function include:
    • Overwrite once with null (default)
    • Overwrite once with random data
    • Overwrite three times with random data
    • Overwrite three times in the following order (DoD Standard)
      • Fixed value
      • Complement number of fixed value
      • Random data
  • Overwrite nine times with random data
  • A removable HDD allows system administrators to physically lock and unlock and remove the device’s internal HDD

 

Data Security - Protecting Data in Transit

Just as important as protecting data at rest, is protecting it while in transit.

  • Encrypted Secured Print and Secured Print are print functions that hold a job in queue until the user enters the appropriate password at the device
  • The Encrypted PDF feature of most MFD systems can support 40-bit/128-bit RC4 encryption and 128-bit AES (Advanced Encryption Standard) for greater security when sending documents
  • IP Sec helps ensure the privacy and security of information sent to and from the device, while in transit over unsecured networks
  • Wireless LAN supports the latest wireless encryption standards, including WEP, WPA and WPA2. IEEE 802.1 is the standard protocol for port-based Network Access Control
  • Check for key SSL Certificate Improvements
  • TLS improvements enable administrators to specify TLS versions for encrypted communication

 

Controlling Access

Controlling access of MFD system users is the first line of defense. Most devices provide options that let administrators define user profiles and provide various levels of what features and functions an individual is authorized to use (i.e., printing and copying only; print, scanning, copying and faxing, etc.).

  • MAC Address Filter
  • IP Address Block Log

Centralized Management

For administrators a centralized management option helps to contain costs, assists with maintaining an ideal security posture, helps monitor devices and user behavior and can be used to provide an audit platform that may help comply with regulatory dependendencies.

Guide

imageRUNNER ADVANCE Hardening Guide

imageRUNNER ADVANCE Hardening Guide
DOWNLOAD NOW
Guide

imageRUNNER ADVANCE Security


imageRUNNER ADVANCE Security
DOWNLOAD NOW
Guide

imageCLASS Security


imageCLASS Security
DOWNLOAD NOW
Data Sheet

Security Profile Sheet


Security Profile Sheet
DOWNLOAD NOW

 

44%

red bar

THE PERCENTAGE OF IT PROFESSIONALS WHO SAID THEIR ORGANIZATIONS’ SECURITY POLICIES EXTENDED TO NETWORK-CONNECTED PRINTERS IN A RECENT PONEMON SURVEY.*

 

Explore Our Device Security Solutions

#

Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec odio. Quisque volutpat mattis eros. Nullam malesuada erat ut turpis suspendisse urna nibh.

Learn More
#

Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec odio. Quisque volutpat mattis eros. Nullam malesuada erat ut turpis suspendisse urna nibh.

Learn More
#

Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec odio. Quisque volutpat mattis eros. Nullam malesuada erat ut turpis suspendisse urna nibh.

Learn More
#

Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Donec odio. Quisque volutpat mattis eros. Nullam malesuada erat ut turpis suspendisse urna nibh.

Learn More
 

EXPLORE OUR SECURITY COLLECTIONS

 
 

Interested in finding out how Canon Solutions America can help you secure your company’s information?

Contact Us

 

Canon offers security features that can help your business. Many variables can impact the security of your devices and data. Canon does not warrant that the use of its features will prevent malicious attacks, or prevent misuse of devices or data or other security issues. Nothing herein should be construed as legal counsel or regulatory advice concerning customers' compliance with laws related to privacy and security. Customers must have their own qualified counsel determine the feasibility of a particular solution as it relates to regulatory and statutory compliance. Some security settings may affect device functionality or performance. You may want to test these settings before deploying them in your environment to ensure you understand their effects.

Canon is a registered trademark of Canon Inc. in the United States and elsewhere. Océ is a registered trademark of Océ-Technologies B.V. in the United States and elsewhere. All other referenced product names and marks are trademarks of their respective owners and are hereby acknowledged.

©2018 Canon Solutions America, Inc. All rights reserved.