Saturday, May 22, 2010

Copier Hard Drives & Security "Easy Solution"


There's been a tremendous amount of traffic on Twitter and Google in reference to theft of identity and theft of corporate secrets from copier hard drives.

Almost all of the copier manufacturers have released statements in recent weeks about how secure their new systems are, and there are options for new systems that will scrub, erase and delete the data on these drives. Any company considering a purchase or lease of a new copier/MFP should ask about the options that are now available.

Some manufacturers, such as Ricoh, offer a removable hard drive. The hard drive actually sits outside of the system and can be removed by an authorized user. It is secured in place by a provided key lock system, allowing for authorized removal and quick and easy storage. However, this feature/option is not available with all of the copier/MFPs that Ricoh offers.

As the industry moves forward, all manufacturers need to offer a removable hard drive for all of their models, no matter how big or how small. At the end of the life cycle of the copier, the hard drive can be removed, and the owner of the MFP keeps the hard drive with their data and can do what they want with it.

A removable drive makes sense for everyone: the customer gets to keep their data; the leasing company gets the system back with the original OEM hard drive still in place; and the dealer gets to keep it simple for all parties involved. A few weeks ago a Print4Pay Hotel member stated that even if a hard drive is broken into chunks, data can still be retrieved. So, unless you are going to shred your hard drive, you're probably better off keeping your old drive with your data.

But what about that copier that was shipped back to the leasing company a few years ago? My thoughts: most likely it was either dismantled for parts, is still sitting in the warehouse, or was sold to a dealer that has already re-sold the system, and it's back in a new office making copies and prints.

Just yesterday, I had to print a copy of my taxes to the copier/MFP and I actually thought twice about hitting the print solution. Thoughts ranged from: will an image be retained on the hard drive forever, where will this copier/MFP be a few years from now? What it came down to is that I needed it to print the documents, thus I sent the file. Personally, I consider printing to a copier/MFP as very low risk and would rate giving my credit card to a gas station attendant a higher risk (here in NJ, we get our gas pumped for us, and we pay less at the pump for a gallon of gas... go figure).

So, when selling a new system, advise your customer of how or who will delete or remove their old hard drive data, and if you're in the market for a new system, don't be a cheapskate; spend the extra bucks if it's an option. If you turned in a system a few years ago and nothing has happened with your corporate secrets or your identity, I'd let it go; odds are nothing will happen.

-=Good Selling=-

3 comments:

cahtmyle@gmail.com said...

This depends on what you mean by removable hard drives. Are we talking a drive that can be removed at end-of-life, or a drive that you can pull all the time?

I had customers ask for removable hard drives 15 years ago with the Fiery XJ platform. This was mostly military contractors who wanted to pop out the drive and lock it in a safe when they left every night.

If you want a drive that can be removed at end-of-life, every manufacturer supports this. Maybe some are easier than others, but every manufacturer has a procedure to replace a hard drive. As you say, a user extractable drive is much less widely available. But is it more desirable in most cases?

I'm not familiar with the Ricoh models you reference, but it sounds as if a user walks up with a key, unlocks a shell and pulls the drive. If you try to convince a customer that this is a great solution for end-of-life data security on their MFPs, I'll come in after you and blow your sale out of the water all the time.

I'll just ask these two questions:
1. Leasing companies will want a working machine back at the end of the lease. You can't just pull the drive and leave a hole. You have to install a HDD compatible with that machine's firmware. Will the customer be able to locate a compatible 40GB drive off the street at the end of the 60 month lease? Can they find 20 of them? Does the MFP manufacturer require a special bootstrap loader or hidden partition for the drive to work? The term working MFP implies machine firmware is loaded; can the customer do that? If you have to pay your outgoing vendor to supply and configure a compatible drive on a running machine, what was the use of having a removable drive?

2. Is the customer going to pull the drive and lock it away every day? If not, they have just decreased the security of their data thinking they are more secure. You have now exposed the hard drive to the outside world where anybody with physical access to the machine can more easily yank it and carry it away. They no longer have to know which covers to pull, which board to remove, etc. to get to the embedded HDD. Your HDD is now in plain sight. Don't fool yourself that a lock next to the drive makes it safe. This is about as secure as thinking that because you need a screwdriver to pull the HDD from the desktop computer on every user's desk that they are secure. Use a #2 Phillips head and pull the back cover from the machine and look how "solidly built" that frame is and think how hard it would be for anyone with a screwdriver and a pair of vice-grips to make that lock useless.

I'm not saying that there is no place for removable drives, but selling the customer that a removable drive is in and of itself a security feature that they want on every machine is a recipe for disaster.

Personally, if I were making security decisions, I'd take the machine with the hardest HDD to remove, which is encrypted using a proprietary card so that a drive removed from the MFP is useless plugged into a hacker's computer. Can they be decrypted? Sure, the NSA could eventually pour enough resources into the project to recover anything. But the average hacker will drop the drive in the dumpster very quickly and move on to easier pickings from the Ricoh with the removable drive.

Unknown said...

Hey, thanx for the reply!

One thing you might have missed here is that with certain Ricoh devices you can have your cake and eat it too! Meaning you can have the locked down removable drive, plus the HD that's in the unit. When the removable HD is installed all data is then routed to this drive only, therefore leaving the default drive in the system free of data. This would then allow the user to pull the removable HD at the end of the lease term and return the copier with the original OEM HD inside the unit that is free of data.

As far as someone walking by and removing the drive, it's got a harness, lock and key; if it's good enough for DOD, I'm sure there's more than enough security for commercial accounts.

BTW, this is one feature I think the entire industry should adopt.

Thanx for the post!

Art

cahtmyle@gmail.com said...

Art,
The whole purpose for the DOD pushing for removable drives is that they DO NOT trust MFP security.

The DOD specifies that the users pull the hard drives from the machine and lock them in a safe every night to secure the data. If your customer thinks that just because the DOD specifies a removable disk, and they buy a machine with a removable disk, that they are getting DOD level security on the device, they misunderstand the concept. This type of data security depends on the user following a set of protocols to manually secure the data away from the MFP.

Think of it like this, if your doctor burned all their medical records to a DVD but left the DVD in the drive rather than locking it in the safe, you would not consider your medical records to be properly secured.