Ricoh Products Certified with Common Criteria (ISO/IEC 15408)
Ricoh Products Certified with Common Criteria
Please visit your local website to find detailed information on our products.
Multifunction
| Model | Conformance Requirement | Certification(CC Scheme Site) | |
|---|---|---|---|
| Aficio MP 2352/2852/3352 | EAL3+ / IEEE 2600.1-2009 | Details | Certificate |
| Aficio MP C2051/C2551 | EAL3+ / IEEE 2600.1-2009 | Details | Certificate |
| Aficio MP C4501A/C5501A | EAL3+ / IEEE 2600.1-2009 | Details | Certificate |
| Aficio MP C6501/C7501 | EAL3+ / IEEE 2600.1-2009 | Details | Certificate |
| Aficio MP C3001/C3501 | EAL3+ / IEEE 2600.1-2009 | Details | Certificate |
| Aficio MP C4501/C5501 | EAL3+ / IEEE 2600.1-2009 | Details | Certificate |
| Aficio MP 6001/7001/8001/9001 | EAL3+ / IEEE 2600.1-2009 | Details | Certificate |
| Aficio MP 2851/3351 | EAL3+ / IEEE 2600.1-2009 | Details | Certificate |
| Aficio MP 4001/5001 | EAL3+ / IEEE 2600.1-2009 | Details | Certificate |
| Aficio MP C2800/C3300 | EAL3 | Details | Certificate |
| Aficio MP 2550/3350 | EAL3 | Details | Certificate |
| Aficio MP 4000/5000 | EAL3 | Details | Certificate |
- EAL: Evaluation Assurance Level
Accessories
| Model | Conformance Requirement | Certification(CC Scheme Site) | |
|---|---|---|---|
| DataOverwriteSecurity Unit Type H | EAL3 | Details | Certificate |
| DataOverwriteSecurity Unit Type I | EAL3 | Details | Certificate |
| Data OverWriteSecurity Unit F | EAL3 | Details | Certificate |
| DataOverwriteSecurity Unit Type C | EAL3 | Details | Certificate |
| DataOverwriteSecurity Unit Type D | EAL3 | Details | Certificate |
- EAL: Evaluation Assurance Level
Remote Communication Gates
| Model | Conformance Requirement | Certification(CC Scheme Site) | |
|---|---|---|---|
| Remote Communication Gate A Firmware Version: A2.06-C2.04-P2.01-K2.02 |
EAL3 | Details | Certificate |
| Remote Communication Gate A Firmware Version: A1.18-C1.14-P1.12-K1.04 |
EAL3 | Details | Certificate |
| Remote Communication Gate Type N/L/BN1/BM1 | EAL3 | Details | Certificate |
- EAL: Evaluation Assurance Level
Ricoh Products in Evaluation for Certification with Common Criteria
Please visit your local website to find detailed information on our products.
Multifunction
| Model | Conformance Claim | In Evaluation (CC Scheme Site) | |
|---|---|---|---|
| Aficio MP C300/C400 | EAL3+ / IEEE 2600.1-2009 | Details | |
| Aficio SP 5200 | EAL3+ / IEEE 2600.1-2009 | Details | |
- EAL: Evaluation Assurance Level
Ricoh's Approach to Common Criteria Certification
Ricoh was among the first office equipment vendors to offer security features and options for improving document security. Some of these features and options include the prevention of falsification and leakage of electronic or paper documents which contain our customers' intellectual property. Ricoh has concentrated on developing security features and option for our products to cope with assumable risks through the document's life cycle (from origination, processing, storage, preservation up to the scrapping of a document).
Ricoh was the first in the office equipment industry to acquire the Common Criteria certification conforming to "IEEE 2600.1," which is the international standard for evaluating MFP security. The first model was the "imagio MP 5000 SP/ 4000 SP" (released in February 2008).
Ricoh offers a wide range of products with Common Criteria certification indicating conformance with "IEEE 2600.1" to reassure customers that our products process information securely.
What is a Common Criteria?
Common Criteria is an international evaluation methodology for assuring information security in IT products. Using this methodology, products are evaluated by government-licensed laboratories and the government issues a Common Criteria certificate for the product. By using the IEEE 2600.1 standard as the basis for evaluation, it also assures that an IT product is equipped with required security functions. In addition to the function of the end product, Common Criteria evaluation verifies that the development and manufacturing process provides security assurance through all phases: design, production, and even delivery.
For details, please refer to Common Criteria
What is IEEE 2600.1?
In the past, the security functions performed by a multifunction copiers and printers were not standardized. Each manufacturer loaded security functions based on unique criteria. A workgroup composed of the main manufacturers of multifunction copiers and printers was formed in 2004. These manufacturers jointly developed the international standard now known as "IEEE 2600.1" which was approved in June 2009 by the IEEE and by the US Government. Ricoh has actively participated in this workgroup, together with other companies in the industry, and has contributed significantly in formulating this standard.
"IEEE 2600.1" applies to multifunction copiers and printers. Beyond office use, it also defines the specifications required in high security environments, such as military and government-affiliated applications. The specification covers typical security functions such as identity-authentication, access-control, and network protection (encryption communication). In addition, it includes functions to validate the legitimacy of firmware, protection of residual non-volatile data, to manage security by an administrator, and to audit log records enabling access to security logs as requirements. All high-level security functions are covered.
Please refer to the following for details.
- IEEE P2600 General Information
- GET IEEE 2600: PROTECTION PROFILE FOR HARDCOPY DEVICES
