Section 3
System Planning and Implementation
Security Printing Solutions User’s Guide -- 50-70410-002 Rev. A
3-3
Implementing
the TROY
Security
Printing
Solution
(cont.)
Step 5:
Determine who in the organization should have access to blank check paper, to printed checks, and to
the software that prints checks. To avoid fraud, the number of personnel who have access to these items should
be kept to a minimum. The first two individuals on your list should be given the keys to the locking printer trays
(if applicable). The latter individuals should be given a key to the printer keylock switch (TROY Secure
EX
series printers only). All key recipients should be advised of their security obligations and responsibilities
.
NOTE: If you are installing a TROY MICR printer (not a TROY Security Printing Solution), skip to Step 9.
Step 6:
Determine how check data will be sent to the printer, either locally over a direct parallel connection, or
over a network connection. If check data is going to be transmitted across public networks (e.g., across the
Internet), encryption is strongly recommended (TROY Secure
EX
series printers only) so that print data cannot be
“tapped into” and used to commit check fraud. Encryption can also be used on internal networks (intranets) if
internal security is a concern. Encryption is not recommended or required for direct (non-networked)
connections between a workstation and a TROY Security Printing Solution. If you use encryption, you must
select a password (or pass phrase) of up to 128 characters in length for use in the encryption/decryption process.
Step 7:
Determine who will have access rights to the TROY printer to print MICR documents. Because selected
TROY solutions provide user-level security, your TROY printer can be a shared device for printing both MICR
and non-MICR documents. If this level of security is required in a shared environment, the administrator should
prepare a list from 1 to 19 user names and passwords (each not to exceed eight characters in length in the range of
A-Z and 0-9) and assign PINs for the Softlock and Joblock features (if applicable). All users, with the exception
of the administrator, have the same access privileges to secure resources stored in the printer. Therefore, it is
advantageous to use multiple user names. User names are also logged automatically in audit data records.
Step 8:
Decide if either the TROYmark
™
and/or the TROY auditing feature will be used as security measures.
If so, the administrator must decide which fonts are to be used to capture the appropriate check data for these
features. A special TROY Messaging font can also be used to insert data into TROYmark
™
or audit data records
using non-check data. Data capture fonts must be printer-resident and unified across all check types. Refer to
Section 2 –
Understanding TROY’s Features
.
Step 9:
Determine the paper tray mapping assignment requirements for your TROY printer. Use this feature to
enhance MICR printing security by blocking access to paper trays containing check paper and divert non-MICR
jobs to paper trays containing plain paper. If using this feature, determine the paper tray to be mapped for
unsecured print requests (the paper tray loaded with standard white paper).
Step 10:
Identify the workstation PCs that will be used to print checks. Verify that these PCs are adequately
equipped with sufficient memory (RAM) and are running Windows 98SE, NT 4.0, 2000, or ME. Login security
should be enabled on each PC.