Your business probably has policies in place to protect sensitive data on your computer hard drives and network. But what about the data which may be stored inside your digital copy machines?
According to the Federal Trade Commission (FTC), your information security plans also should cover the digital copiers your company uses. If the data on your copiers gets into the wrong hands, it could lead to fraud and identity theft.
Like the other computers or mobile devices your company uses, many digital copy machines contain hard drives which may store private information about the documents it copies, prints, scans, faxes or emails. If you don’t take steps to protect that data, it could be stolen from the hard drive, either by remote access or by extracting the data once the drive has been removed.
Copiers often are leased for a fixed period, returned, and then leased again or sold. It’s important to know how to secure data that may be retained on a copier hard drive, and what to do with a hard drive when you return a leased copier or dispose of one you own.
This guide for businesses published by the FTC recommends that you address data security in each stage of your digital copier’s life cycle:
Before you acquire a copier:
Make sure it’s included in your company’s information security policies. Copiers should fall under the management of the same IT staff who have expertise and responsibility for securing your computers and servers.
When you buy or lease a copier:
Evaluate your options for securing the data on the machine. Most manufacturers offer data security features with their copiers, either as standard equipment or as optional add-on kits. These features generally involve encryption and overwriting.
- Encryption is the scrambling of data using a secret code that can be read only by particular software. Digital copiers that offer encryption encode the data stored on the hard drive so that it cannot be retrieved even if the hard drive is removed from the machine.
- Overwriting — also known as file wiping or shredding — changes the values of the bits on the disk that make up a file by overwriting existing data with random characters. By overwriting the disk space that the file occupied, its traces are removed, and the file can’t be reconstructed as easily.
Depending on the copier, the overwriting feature may allow a user to overwrite after every job run, periodically to clean out the memory, or on a preset schedule. Users may be able to set the number of times data is overwritten — generally, the more times the data is overwritten, the safer it is from being retrieved. However, for speed and convenience, some printers let you save documents and print them straight from the printer hard drive without having to retrieve the file from your computer. For copiers that offer this feature, the memory is not overwritten with the rest of the memory. Users should be aware that these documents are still available.
Overwriting is different from deleting or reformatting. Deleting data or reformatting the hard drive doesn’t actually alter or remove the data itself, but rather alters how the hard drive accesses the data. The data remains and may still be recovered.
You may also have the ability to lock the hard drives using a passcode; this means that the data is protected, even if the drive is removed from the machine.
Finally, think ahead to how you will dispose of the data that accumulates on the copier over time. Check that your lease contract or purchase agreement states that your business will retain ownership of all hard drives at end-of-life, or that the company providing the copier will overwrite the hard drive.
When you use the copier:
Use the available security features. Securely overwrite the entire hard drive at least once a month. (If your current device doesn’t have security features, think about how you will integrate the next device you lease or purchase into your information security plans.)
Plan now for how you will dispose of the copier securely. Consider placing a sticker or sign on the machine stating: “Warning: this copier uses a hard drive that must be physically destroyed before turn-in or disposal.”
In addition, your organization’s IT staff should make sure digital copiers connected to your network are securely integrated and protected against outside attacks.
When you finish using the copier:
Check with the manufacturer, dealer, or servicing company for options on securing the hard drive. The company may offer services that will remove the hard drive and return it to you, so you can keep it, dispose of it, or destroy it yourself. Others may overwrite the hard drive for you. Typically, these services involve an additional fee, though you may be able to negotiate for a lower cost if you are leasing or buying a new machine.
Take caution before removing a hard drive from a digital copier on your own: these hard drives often include required firmware that enables the device to operate. Removing and destroying the hard drive without being able to replace the firmware can render the machine inoperable, which may be a problem if you lease the device. Also, hard drives aren’t always easy to find within the machine, and some machines may have more than one. Generally, it is better to work with skilled technicians rather than to remove the hard drive on your own.
Your legal responsibility
Depending on the information your business stores, transmits, or receives, you also may have more specific compliance obligations. For example, if you receive consumer information, such as employee background screens, you may be required to follow the Disposal Rule, which requires a company to properly dispose of any such information stored on its digital copier, just as it would properly dispose of paper information or information stored on computers.
You can access the full guide from the FTC here.