Be the Hero in MFP Security Isssues25 Aug, 2009 By: Editorial Staff imageSource
Be the Hero in MFP Security Isssues
Your customers may have smart card access securing the entrance to their
building, encrypted network login, and an IP filter protecting access to their
networks, but do they have adequate safeguards when it comes to managing
information flowing into, and out of, their company via their scanners and MFPs?
As a dealer you can be their hero in security. Take a look at a common problem
that you can solve. One of the issues surrounding MFP scan to e-mail systems is
the disassociation of e-mail communication from the core user’s e-mail log. By
integrating directly via Exchange or Notes a company will route e-mails through
the MFP, but the log is recorded against the users e-mail account as if they had
sent the email from their desktop.
Even more important is the fact that attachments recorded with the email log do
not always come into play with MFP scan to e-mail routed directly through the
SMTP mail server.
Thus, without integrating through Exchange or Notes, even if the Chief Security
Office (CSO) knew that confidential information had been leaked via a scan to
e-mail route, he or she would have no means of identifying who was the culprit.
Share with your consumers that the first step to limiting opportunity is to
force authentication on all communication and scanning devices, thus creating an
audit trail. The process is simple in essence, requiring the administrator to
set up a capture phase, a processing phase, and a route. The capture phase is
the MFP or scanner. The destination route can be the e-mail delivery system, FTP
folder, desktop location, etc.
You can show administrators how to set up all scanning workflows to follow a set
procedure, such as:
• User authenticates at the device, instantly starting the audit trail.
• Scanning is carried out.
• Image is fed into an OCR application for conversion into
a searchable text format. The searchable file is passed to a custom programmed
program that performs a security content filter/sweep looking for ‘hot’ words,
codes, names, etc.
• If no “hot” words are detected, the data continues on its
way to the final destination / email address / ftp location, etc.