Tuesday, November 23, 2010

KIP Systems offer advanced security features, including DoD Secure file shredding, free of charge.

At  KIP, security is paramount. As a world leader in the development of digital wide format production technology, KIP is committed to keeping digital information safe and secure. Customers and potential customers should look to KIP as a trusted provider of secure solutions with many standard and optional security features.

Specific security features on KIP devices include: 

Image Overwrite Option: The Image Overwrite security option electronically shreds information stored on the hard disk of devices as part of routine job processing. Electronic erasure can be performed automatically at job completion (Immediate), and Scheduled. The KIP Image Overwrite security process implements a three-pass algorithm originally specified by the U.S. Department of Defense.

KIP 7.2 Software includes the Department of Defense NISPOM specifications to securely delete (overwrite) all image data after a print, copy or scan job has been completed.

File Shredding (overwriting) processes and scheduling is configurable using KIP PrintNET.
File Shredding  can be configured as follows:
  •  After each copy, print or scan job, KIP 7.2 software will remove all remnants of file image data. 
  •  Scheduled on a daily, weekly or monthly basis. 

Organizations using file shredding software may wish to use both processes.  The shredding process time can vary depending on the amount of data or empty hard drive space to be overwritten.

KIP Standard Accounting: When enabled on KIP devices, this feature monitors all prints, copies, and scans produced and who produces them. Administrators can track activity at a user, group or department level.

Access Control: Customers that need to restrict access to a device to a limited set of authorized users and operators. KIP production devices include access control features such as:
User Authentication: This feature ensures that only properly authorized users are permitted to use a KIP device. By applying multiple layers of authentication, and customization administrators can control access on one or more levels. 

Project Authentication: This feature ensures that only properly authorized users are permitted to use a KIP device. By applying multiple layers of authentication, and customization administrators can control access on one or more levels. 

Scan/Print Authentication: Prompt for SMB password. This allows any user to access these resources to either print a document or scan a document to file. In order to secure these resources, IT/IS departments may require a user to type in their password to gain authentication rights to the network resource. IT/IS departments may include a limit of how many times a user can enter the incorrect password thus further locking down security of the system. 

Removable Hard Disk Drive Accessory/Kit: When the Removable Hard Disk Drive kit is installed, authorized users can quickly, easily remove hard drives, and lock them up. This eliminates the risk of unauthorized access when the device is unattended. Multiple removable hard drives could be implemented allowing secure device sharing between different workgroups or departments. This capability is required by the US Government for management of "Classified" information and highly recommended for commercial customers who print data that is subject to legal regulations (e.g., HIPAA, PCI). 

Microsoft Active Directory Services: The Microsoft Active Directory Services (ADS) feature enables, through the KIP accountiing feature, the device to authenticate user accounts against a centralized user account database, instead of exclusively using the user account database that is managed locally at the device 

Network Security
KIP devices also include features to protect the printer from unauthorized remote access and to protect the confidentiality of “data in motion”, specifically customer jobs which are transmitted to the printer over a network. These features include: 

IPSec: Internet Protocol (IP) Security enables the digital front end or printer device to authenticate remote users and requires these users to encrypt the data transmitted using legacy print protocols such as LPR and Port 9100. IPSec is supported by a variety of PC operating systems including all modern versions of Microsoft Windows. 

Secure Socket Layer/Transport Layer Security (SSL/TLS): The SSL/TLS feature provides protection of customer confidential data transmitted over a network when using the HTTP protocol (e.g., Web Print client). 

Network Authentication:  Access to device functions (e.g., scan and e-mail) is restricted by validating network user names and passwords prior to use of these functions.