Security Function Ver. 1.02 Mar. 2016
4. Precautions for operation control
6
4.
Precautions for operation control
A. Requirements of the service engineer
The service engineer should take full responsibility for controlling the machine during his or
her procedures for setting up and servicing the machine so that no improper operations are
performed.
<To achieve effective security>
• The service engineer who sets up and services the machine should have completed the
course in security and be certified accordingly.
• The service engineer should swear that he or she would never disclose information as it
relates to the settings of this machine to anybody in accordance with the Installation
Checklist contained in User’s Guide [Security Operations].
• The service engineer should perform his or her physical service jobs in the presence of
the administrator of the machine.
B. Protection of setting data in
S
ervice Mode
The CE password used to access Service Mode must be adequately controlled by the ser-
vice engineer concerned to ensure that it is not leaked. Make sure that any password that
could be easily guessed by a third person is not used as the CE password.
<To achieve effective security>
The CE password should:
• Not be one that is easily guessed by third persons.
• Not be known by any third person.
• Be changed at regular intervals.
• Be set again quickly if one has been initialized.
C. Machine maintenance control
When the service engineer performs maintenance service jobs for the machine, he or she
should check the firmware version (MFP Card Version, MFP Controller BOOT Program),
and make sure that the system has not been altered.
The service engineer should take the following precautions when the user is to purchase an
additional option.
• For an option that requires that Enhanced Security Mode be turned “OFF” before the
option can be used on the machine, notify the user that the mounting of the option makes
the machine not guaranteed by the ISO15408 certification.
• Applications subject to the ISO15408 security evaluation and certification are described
in User’s Guide Security Operations. If any application (including options) not described
in the User’s Guide is to be used, notify the user that the use of the application is not
guaranteed by the ISO15408 certification.
When the Enhanced Security Mode is set to [OFF], make various settings according to the
installation checklist and then have the administrator set the Enhanced Security Mode to
[ON] again.
D. Miscellaneous
The service engineer should explain to the administrator of the machine that the lan-
guages, in which the contents of the User’s Guide [Security Operations] have been evalu-
ated, are Japanese and English. He or she should also explain the way how to get the
manual in the language, in which it is evaluated.
In addition, the service engineer should promptly provide the version of the User’s Guide
that has been evaluated for the user whenever the user needs one.