Security Guide for Kyocera MFPs and Printers
Recommendations for keeping your Kyocera MFPs and printers more secure
In recent years, we have faced increasingly sophisticated and diverse security threats that introduce security risks from cyber-attacks and data breaches to IoT devices. Thus, IoT devices (i.e., MFPs and printers) should not be directly connected to the Internet to protect these products from unauthorized external access. In addition to creating such a secure environment, Kyocera Document Solutions (referred to as "Kyocera," hereafter) MFPs and printers (referred to as "product," hereafter) require customers to set up a unique and hard-to-guess password during the installation phase. Along with passwords and usage restrictions settings, all the security settings, including, but not limited to, access control, stored data protection, and audit log settings on the product, are set to enhance security. This way, the product and data/information handled through the product are protected against unauthorized access, destruction, use, and modification (e.g., unintentional product setting changes made by a malicious person) and disclosure.
Kyocera recommends the following security measures to protect our customers’ critical information assets. These measures should be implemented during the product installation and operation through decommissioning. They aim to safeguard business and personal data/information stored in the Kyocera product and on the network when using the Kyocera product.
Kyocera recommends the following security measures to protect our customers’ critical information assets. These measures should be implemented during the product installation and operation through decommissioning. They aim to safeguard business and personal data/information stored in the Kyocera product and on the network when using the Kyocera product.
In the installation phase
- Assign a local IP address to the product, which is connected to an internal network (LAN) with firewall/routers protection, separated from an external network. A product should not be connected directly to the Internet.
- Change the product default password to a new password.
- Register access credentials such as an administrator and general user login name and password in advance.
- Employ unguessable strong passwords.
- Do not share the administrator’s password with anyone who does not need to know.
- Use the identification and authentication feature to verify the user who has permission to access or use the product.
- Use the IP filter/Port settings to turn on, off, or limit communication with the product. Turn off all unused features and ports.
- Use any encryptions available for the product.
- Validate any certificates used for the product.
- Use the security features supported to ensure the product is as secure/strong as possible.
Use the security quick setup feature for such as items as network setting, interface block setting, and log setting collectively according to the users’ security policy.
In the operation phase
- Confirm the use of a legitimate connection destination before connecting with the product.
- Check the product software to ensure it is up to date.
- Visit the Kyocera global website regularly to check the latest security-related information.
- Confirm if the network communication is properly performed and check for unauthorized access.
- Hold a print/scan job in the product from a PC until a user enters their appropriate password through the product operation panel.
- Turn off the power if the product will not be used for an extended period of time.
- Update the product settings to control who can access and use the product regularly.
- Enable HDD Overwrite-Erase.
In the decommission phase
- At the product’s lease end or end of life, set and execute sanitization features to completely sanitize the data retained inside the product or any residual data. Product settings can revert to factory default settings (i.e., initialization).
The security guide is intended to help you configure the minimum-security settings for your user’s environment. Please note that you are responsible for independently evaluating the information described in the security guide, as well as the usage of Kyocera products or services, especially those connected on your network environment. The information in the security guide is subject to change without notice.
The information in the security guide is provided "as-is" without warranty of any kind, whether express or implied. Although care has been taken when compiling this information, Kyocera makes no representations or warranties about the accuracy, completeness or adequacy of the information provided herein, nor fitness for a particular purpose, and shall not be liable for any errors or omissions. The only warranties for Kyocera’s products and services are as set forth in the express warranty statements accompanying them. Nothing herein shall be construed as constituting an additional warranty.
The information in the security guide is provided "as-is" without warranty of any kind, whether express or implied. Although care has been taken when compiling this information, Kyocera makes no representations or warranties about the accuracy, completeness or adequacy of the information provided herein, nor fitness for a particular purpose, and shall not be liable for any errors or omissions. The only warranties for Kyocera’s products and services are as set forth in the express warranty statements accompanying them. Nothing herein shall be construed as constituting an additional warranty.