| |
 |
Information Security Solutions at Work
|
Information may be leaked by such things
as unauthorized copying of information intended for internal use
only, exposure of information of outside parties by a printout
left behind in a printer, or copying of important information
that was put in the trash. To protect valuable information assets
against these risks, it is essential to identify weaknesses at
each stage of the document lifecycle. This is true for both electronic
files and printed pages. It is also necessary to develop an appropriate
system of countermeasures. Ricoh looks closely at how documents
are handled in its interactions with corporations. It then tries
to come up with comprehensive security measures. Products and
solutions are delivered that best suit each corporation. These
are also effective in preparing listed corporations for the internal
control-related requirements of the Japanese SOX Act, which will
come into force in fiscal 2008.
Looking Closely
at Today's Corporations |
 |
|
|
Today, most corporations have security measures of some type in
place. Most focus on basic, physical security that primarily prevents
unauthorized intranet access, computer viruses, and access to
data on servers, and that protects computer hard drives against
damage caused by lightning, earthquakes and other hazards. But
more recently there have been more unwanted releases of documents
containing leaked personal information. This is attributable to
the weakness of the internal security measures that corporations
have implemented. Ricoh was one of the first to strengthen document
security against falsification and the divulging of electronic
and hard-copy documents. Ricoh was also one of the first to build
a security structure aligned with the lifecycle of documents from
their creation to their processing, short-term storage, archiving
and disposal [Figure 1]. Ricoh delivers to its customers security
solutions with comprehensive built-in document security features.
Document lifecycle [Figure
1]
![Document lifecycle [Figure 1]](img/sec_im01s.gif) |
Looking Entirely
at Document Lifecycle |
|
|
|
As described earlier, the lifecycle of a document typically consists
of creation, storage/management/use, and output before disposal.
Another characteristic of the document is that it may be hard
copy or an electronic file, depending on how it is prepared or
acquired. Moreover, it may change form between the two as it is
scanned and printed for use. Ricoh, to address all risks that
arise over the lifecycle of a document, provides security solutions
for each point along the way.
Government regulations and legislations
have become more stringent in recent years. Our customers now
must comply with information security laws (such as the Health
Insurance Portability and Accountability Act and the Gramm-Leach-Bliley
Act) designed to protect consumers' privacy and financial
records. One requirement of these new information security laws
is that organizations that handle confidential data must have
an information security plan. This plan must detail, in writing,
the procedures and safeguards to prevent information from being
misused. Ricoh's security products and solutions, being easy
to use, understand and verify, are designed to support our customers'
information security plans. To provide that support, we offer
detailed and easy to understand MFP system technical information
(Security White Papers).
Ricoh's Security
Solutions |
|
|
|
The Ricoh Group strives to create products
and solutions that support end-to-end control of documents from
generation to eventual disposal. Ricoh believes this is an important
responsibility of corporations in maintaining information security.
Some examples of such solutions are described below.
Hard Disk Security
1) "Ricoh DataOverwriteSecurity System (DOSS)" (option
to delete data by overwriting it on the hard disk)
As a further measure to prevent data loss, an organization's
information security plan should incorporate technology to destroy
latent digital images on the MFP's hard drive. The DataOverwriteSecurity
System (DOSS) eliminates such a threat by overwriting the hard
disk after each job so that files cannot be retrieved or recovered.
Initially designed to meet government, military, and major account
requirements for document security, DOSS can add value for customers
with all types of missioncritical documents that require protection
from leaks and unauthorized distribution.
DOSS destroys temporary data stored on device hard drives using
one of three overwrite methods. When it is time to relocate or
dispose of the multifunctional device, an Erase All Memory function
permanently erases all data on the hard disk.
2) Removable Hard Drive (US only)
The Removable Hard Drive (RHD) option provides an ideal security
solution for government, military, and other office environments
that require high security. The system's internal hard drive
is mounted in a secure bay, allowing the hard drive to be unlocked,
removed and stored in a secure external location. To add an extra
layer of security, an additional removable hard drive may be used
so that classified and unclassified information can be kept separate.
Locked Print
The Locked Print, or secure document release feature, maintains
confidentiality by suspending document printing until the authorized
user enters a password at the device control panel that corresponds
to a password set at the sending PC in the driver. This eliminates
the possibility of any unauthorized viewing or removal of a confidential
or sensitive document from the paper tray.
ScanRouter EX Pro & Adobe LiveCycle Policy Server
ScanRouter EX Pro applies security policies
to digital documents when documents are scanned in conjunction
with Adobe LiveCycle Policy Server. The main features of Policy
Server include restricted access to documents, access deadline,
printing deadline, and collection of the event log [Figure 2].
ScanRouter EX Pro &
Adobe LiveCycle Policy Server [Figure 2]
![ScanRouter EX Pro & Adobe LiveCycle Policy Server [Figure 2]](img/sec_im02s.gif) |
|
|
|
|
