[ISN] Hacking copiers, software focus raised at document management conference

From: InfoSec News (isn@private)
Date: Wed Nov 09 2005 - 22:22:55 PST


http://www.networkworld.com/news/2005/110905-hacking-copiers.html

By Network World staff
Network World
11/09/05

You might think you've heard about every possible security
vulnerability in your network, but what about your copiers?

"Network-connected output devices are becoming an absolute primary
target of people, foreign and domestic, who are penetrating networks,"  
according to Jim Joyce, senior vice president for office services at
Xerox Global Services.  "The reason for that is many of them are large
devices with large disk drives, with a fair amount of memory and are
network connected and are not secure. This laptop [I'm using for this
presentation] is probably 10x more secure than any of the output
devices we have in our environments today."

Joyce, speaking Tuesday at the two-day Office Document Solutions
conference in Boston, was among a number of presenters who implored
makers of printers, copiers, scanners and other such devices to start
thinking about more than just selling boxes to customers.

Joyce said during an interview after his speech that Xerox has poured
some $20 million in recent years into technologies to better manage
office and document systems and is putting a particular emphasis on
security these days. He noted that some machines, such as
multifunction devices, might have several operating systems in them
that could provide security holes if not protected.

Look for Xerox in the months to come to deliver more in the way of
technologies that would enable document systems to be able to identify
content so that companies can better prevent intellectual property and
other confidential data from getting swiped. Xerox's Palo Alto
Research Center has been working on such technologies, Joyce said.

[...]



_________________________________________
Earn your Master's degree in Information Security ONLINE
www.msia.norwich.edu/csi
Study IA management practices and the latest infosec issues.
Norwich University is an NSA Center of Excellence.



This archive was generated by hypermail 2.1.3 : Wed Nov 09 2005 - 22:29:52 PST