Recommendations for keeping your UTAX MFPs and printers more secure
In recent years, we have faced increasingly sophisticated and diverse security threats that introduce security risks from cyber-attacks and data breaches to IoT devices. Therefore, IoT devices (i.e. MFPs and printers) should not be directly connected to the Internet to protect these products from unauthorised external access. In addition to creating such a secure environment, UTAX MFPs and printers require customers to set up a unique and hard-to-guess password during the installation phase. Along with passwords and usage restrictions settings, all the security settings, including, but not limited to, access control, stored data protection, and audit log settings on the device, are set to enhance security. This way, the product and data/information handled through the MFPs and printers are protected against unauthorised access, destruction, use, and modification (e.g. unintentional device setting changes made by a malicious person) and disclosure.
UTAX recommends the following security measures to protect our customers’ critical information assets. These measures should be implemented during the device installation and operation through decommissioning. They aim to safeguard business and personal data/information stored in the UTAX device and on the network when using the device.
In the installation phase
- Assign a local IP address to the device, which is connected to an internal network (LAN) with firewall/routers protection, separated from an external network. The device should not be connected directly to the Internet.
- Change the default password to a new password.
- Register access credentials such as an administrator and general user login name and password in advance.
- Employ unguessable strong passwords.
- Do not share the administrator’s password with anyone who does not need to know.
- Use the identification and authentication feature to verify the user who has permission to access or use the device.
- Use the IP filter/Port settings to turn on, off, or limit communication with the device. Turn off all unused features and ports.
- Use any encryptions available for the device.
- Validate any certificates used for the device.
- Use the security features supported to ensure the device is as secure/strong as possible.
- Use the security quick setup feature for such as items as network setting, interface block setting, and log setting collectively according to the users’ security policy.
In the operation phase
- Confirm the use of a legitimate connection destination before connecting with the device.
- Check the device software to ensure it is up to date.
- Visit the UTAX website regularly to check the latest security-related information.
- Confirm if the network communication is properly performed and check for unauthorised access.
- Hold a print/scan job in the device from a PC until a user enters their appropriate password through the device operation panel.
- Turn off the power if the device will not be used for an extended period of time.
- Update the device settings to control who can access and use the device regularly.
- Enable HDD Overwrite-Erase.
In the decommission phase
- At the device’s lease end or end of life, set and execute sanitisation features to completely sanitise the data retained inside the device or any residual data. Device settings can revert to factory default settings (i.e. initialisation).
For more details about the security features installed on UTAX products, please refer to the Security White Paper for UTAX MFPs and Printers.