Concerning the Information Security Standard

This machine is compliant with IEEE Std. 2600™-2008 (IEEE 2600), an international standard concerning information security for multifunctional peripherals and printers. This section describes the security requirements defined in IEEE 2600, and the corresponding machine functions.
Security requirement
Corresponding machine function
Preventing unauthorized access with user authentication/user information management
User Authentication
Performs personal authentication based on user authentication information such as user names and passwords, and manages user information such as privileges (roles). Managing Users
Managing access and restricting operations by user
ACCESS MANAGEMENT SYSTEM
The availability of functions such as printing and copying can be assigned to each user, enabling you to manage access to these functions on an individual user basis. See ACCESS MANAGEMENT SYSTEM Administrator Guide.
Using audit logs*1 to record and monitor security-related user operations
Generating/exporting audit logs
You can record user authentication logs and job logs, and export them from the Remote UI. Managing the Logs
Completely deleting unnecessary data from the hard disk
HDD Complete Deletion
Unnecessary data can be deleted from the hard disk by overwriting with random data multiple times. Managing Hard Disk Data
Protecting the various types of data and confidential information stored on the hard disk*2
Hard disk data encryption
Encryption is used to protect data on the hard disk, such as files stored in the Mail Box, Address Book data, and password information. Managing Hard Disk Data
Protecting data on the network with encrypted communication
IPSec
By creating security policies for encrypted communication, data can be protected from various threats when sent and received over an IP network. Configuring the IPSec Settings
Self-verification of security functions
IPSec
When IPSec is enabled, the self-test for the encryption module is automatically performed when the machine starts.
*1 Operations for <Scan and Store>, <Network> in <Access Stored Files>, and <Memory Media> are not included in the scope of the audit.
*2 Files stored in memory media are not encrypted.
40K3-0E7