Xerox Adds Security Features to Its Devices

The device maker has created a handful of technologies to help businesses protect their sensitive data.

With copiers and multifunction devices increasingly connected to the network and capable of storing large amounts of data, Xerox is making security a bigger priority to keep its enterprise customers happy.

Security technologies are becoming more tightly integrated with IT products of all kinds, as evidenced by storage giant EMCs recent acquisition of software maker RSA Security for $2.1 billion. Now, enterprises are looking for new ways to lock down devices that have long posed a serious threat for information leakage: their copiers, scanners and printers.

/zimages/2/28571.gifClick here to read more about EMCs RSA buy.

While EMC went the buyout route to bring new security capabilities in-house to help better protect its storage hardware and software, Xerox, a stalwart of the copier and multifunction device business, is touting its own increasing focus on building data protection controls more deeply into its products.

Customers are asking the office equipment maker how it can help them safeguard the growing amount of data that travels across such devices, said Larry Kovnat, systems security manager at Xerox, of Stamford, Conn. The demands placed on enterprises to provide a trail of evidence for auditors looking for compliance with federal data protection regulations such as the Sarbanes-Oxley Act are driving an additional level of concern, Kovnat said.

As a result, the device maker has created a handful of technologies aimed at helping businesses ensure that their sensitive data isnt left sitting on the proverbial copier and to ensure that employees arent using the equipment to reproduce information that isnt meant to walk out the door.

Xerox is offering customers a range of features, such as its Image Overwrite tools, which electronically "shred" information temporarily stored on the hard disk of its devices to keep subsequent users from trying to access information previously transmitted or copied on the machines. Another feature, Internal Auditron, requires authorization for workers to use specific copier features and allows administrators to limit the number of copies available to each user and create records of each individuals activity.

Many Xerox devices can now be integrated with centralized network authentication systems to limit access to scanning, e-mail and fax features using existing employee user names and passwords. And for companies using Microsofts Active Directory identity provisioning software, most high-end Xerox copiers and printers allow customers to use the popular user account infrastructure to require log-in directly at the printer, instead of exclusively using locally defined access accounts, which often must be managed independently.

Other security features being pushed by Xerox include removable hard drives and disk drives; the ability to re--quire users to enter security PINs at the printer to produce documents; the option to permanently delete all files after printing; and features that tie printing, scanning and fax privileges to user accounts for compliance purposes.

/zimages/2/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.