Data on digital copiers need to be secured, FTC warns

In a recently released brochure, the FTC advises businesses to expand their information security plans to include protecting data contained in digital copiers. “If the data on your copiers gets into the wrong hands, it could lead to fraud and identity theft”, the agency warned.

Digital copiers made for businesses usually have hard drives that could contain sensitive information, the agency said.

“The hard drive in a digital copier stores data about the documents it copies, prints, scans, faxes or emails. If you don’t take steps to protect that data in can be stolen from the hard drive, either by remote access or by extracting the data once the drive has been removed.”

The consumer protection agency recommends that businesses take a number of steps to secure the data on their digital copiers.

First, a business should inform its IT personnel that they need to manage and maintain the copier as they would a computer or a server.

Second, when a business buys or leases a copier, it should evaluate the options for securing the data on its hard drive, including the encryption or overwriting features that will be used. A business should take advantage of all of the copier’s security features. This should include securely overwriting the entire hard drive at least once a month.

Third, when a business returns or disposes of a copier, it should investigate whether it is possible to have the hard drive removed and destroyed, or to overwrite the data on the hard drive. Generally, it is advisable for a skilled technician to remove the hard drive to avoid the risk of rendering the machine inoperable, the agency said.

What’s hot on Infosecurity Magazine?