Office - Security levels

The main focus of the Océ strategy is on secure, document access, network processing and document storage.

Access security

  • Secure printing can be initiated from Océ printer drivers to prevent unauthorised printing of specific print jobs. Documents can be kept private by adding a PIN code (instruction video) to a print job
  • User accounts can be set up to prevent unauthorised device and/or mailbox access
  • Tracking and logging/accounting is supported by an internal tracking system
  • External card reader authorisation and control systems are also available
  • Biometric user authentication: User finger vein data will be encrypted and stored in the memory of the device. It is impossible to reconstruct encrypted vein data to the original (compliant to US Government Biometric Verification Mode Protection Profile). Print data are held on hard disc until authentication is approved

Data and document security

  • Mailbox/Userbox clean-up: Automatic mailbox clean-up can be used to prevent documents from being stored too long
  • E-shredding: This unique data-overwrite function prevents recovery of your deleted documents. The unique Océ shredding technology (patent pending) keeps the system productive and yet minimises the ‘window of opportunity’ to the time taken to print a document. Data are automatically erased from the hard drive immediately after they are discarded – making it impossible to recover them using publicly available data recovery software. This e-shredding function conforms with the US Department Of Defence DOD 5220.22-M Directive and can be fully customised to a user’s needs
  • A removable hard drive can be used to physically lock away the hard drive
  • Scans are automatically exported to a password-protected scan server
  • PDF encryption allows you to securely send, view and store scanned data. A password authentication is required to open the scanned document
  • Copy Protection adds a invisible watermark/code to the print. When reproduced, a text (e.g. ‘for internal use only’, ‘copying prohibited’) will automatically appear

Network security

  • Firewall: A specific network service that is not required can be easily switched off. The IP network filter will automatically be reconfigured after the network settings are changed and automatically block unused ports to prevent abuse of these ports. Clear feedback is given about which ports are enabled
  • Client filters: Access to individual network services can be protected using a client filter (e.g. to prevent circumvention of the print server or grant access solely to the print server)
  • Integrity guard: As a second defence behind the firewall, the controller guard checks the integrity of the controller’s software and, if necessary, automatically repairs the software
  • IPv6 Internet Protocol: enhanced security features such as packet authentication and data encryption
  • IP Filtering and Port blocking: prevents unauthorised access to the MFP by registering the IP addresses of granted PC’s
  • SSL/TLS encryption protocol: encrypts data during data exchange to and from the device (e.g. LDAP server)
  • Management functions: The controller can be managed by means of a standard web browser via a secure HTTP/SSL connection. The management functions are protected by a powerful password mechanism
  • Scan-to-email through S/MIME: Possibility to add a digital signature preventing theft of data by 3rd party before it reaches its destination, protecting manipulation of content during transmission and change of sender ID

cardscan.jpg

fingerprint.jpg

ipv6.jpg