What type of
security requirements
does your office require? Does the device have the
security features
to
meet this demand? Can device access be
password protected
? Does the device
remove latent images
on disk drives
and in memory? Does the multifunction system vendor participate in
third-party testing and certification
?
Built-in Security
Xerox is committed to the security of its products and takes a unique approach to security within the
document industry: Xerox believes security should be built in as a core component of the
multifunction system and its controller.
The WorkCentre 7655/7665/7675 series offers built-in security features for physical and network-based
access controls, user authentication, usage tracking, file encryption, and file deletion to fully comply
with the IT organisation’s information security policies. This is accomplished through intelligent design
architecture that complies with stringent industry security standards and increasing regulations in the
government, military, health care (HIPAA), legal (Sarbanes-Oxley), financial (Gramm-Leach-Biley Act) and
pharmaceutical (FDA 21 CFR Part 11) sectors. The security capabilities of WorkCentre 7655/7665/7675
series multifunction systems can be further extended with solutions from Xerox Alliance Partners.
Security features of the WorkCentre 7655/7665/7675 series include:
• 802.1x Support —
Ensures devices connected to the network are properly authorised
• Analogue Fax and Network Isolation —
Controller architecture isolates the fax telephone line and
the network connection to foil incoming attacks
• Authentication
- System Administrator Authentication —
The WorkCentre 7655/7665/7675 series allows access
to administrative web pages to be restricted to authorised employees. Device Access Password
Protection further restricts access to device setup screens and remote network settings
- Network Authentication —
Restricts access to scan, email, and fax features by validating
network user names and passwords
- Copy Auditron —
Restricts user access to the device, sets limits for users and groups, tracks
jobs and provides reports
• Firewall —
Restricts access via IP Address Filtering, Domain Filtering,
and Port Blocking
• Image Overwrite Security Kit —
Electronically erases data that has been
processed to the hard disk in print, copy, scan, and fax modes using
a three-pass algorithm specified by U.S. Department of Defense
Directive 5200.28-M
• Internal Security Audit Log —
Permits tracking of activity at the device,
satisfying the needs of organisations that must provide logging of the
transfer of Personally Identifiable Information per regulations like
HIPAA, Sarbanes-Oxley, Gramm-Leach-Bliley Act, and more
14
W O R K C E N T R E 7 6 5 5 / 7 6 6 5 / 7 6 7 5 E VA L U AT O R G U I D E
X_
12521_W65EG-01EE
LANGUAGE:
ENGLISH
FREEDMAN INT.NO:
12521
PROOF NO:
01
DATE:
13/11/2008
PLATES:
CMYK+XEROX RED
PAGE:
16
HOW THE XEROX WORKCENTRE
®
7655/7665/7675 SERIES
EXCEEDS THE SECURITY CAPABILITIES REQUIREMENT
SECURITY CAPABILITIES
EVALUATE
ADVANTAGE
XEROX
Common Criteria Certification:
The National Information Assurance
Partnership (NIAP) is a U.S. government
initiative to meet the security testing of
Common Criteria, and is a collaboration
between the National Institute of Standards
and Technology (NIST) and the National
Security Agency (NSA). Common Criteria
for IT Security Evaluation is an interna-
tionally recognised methodology (ISO
15408) for evaluating the security claims of
hardware and software vendors. The five
major elements of Common Criteria are
availability, integrity, confidentiality,
accountability and nonrepudiation.
