Security is in our DNA Ricoh devices are designed, manufactured and implemented with security as a core requirement. Security-focused thinking is present from the start in everything from product design to sales. It’s in our DNA — informing both our design philosophy and our commitment to work continuously to support our customers with solutions as threats evolve.
Wondering if your devices are vulnerable? Security threats are no longer limited to personal computers, servers or networks. Printing devices — even basic laser printers — need countermeasures against a diverse range of threats. As multifunction printers have evolved into true information terminals, they have become core IT assets in their own right. The computing capability of what have been traditionally categorized as “Printer/Copiers” has grown, but so too have potential threats — which can include: • Malicious access via networks • The tapping and alteration of information over the network • Information leaks from HDD storage media • Unauthorized access via a device’s operation panel • Improper access through fax telephone lines • Information leaks via hard copy • Security policy breaches due to carelessness Simply hoping you don’t get hit is not the answer. Superior technology, commitment and know-how are essential. Ricoh can help you tackle potential issues caused by vulnerabilities in your devices, the data they process and the networks to which they connect.
Device security - Our device security capabilities can help protect multifunction devices and laser printers from potential threats — including compromising firmware, a device’s hard disk drive, non-volatile memory, open network ports and system of authentication. Ricoh has obtained certification for a wide range of products based on Common Criteria (ISO/IEC 15408). On devices undergoing Common Criteria certification, security functions are tested by independent third-party government-licensed laboratories to ensure security features perform correctly and conform to standards set by both government and industry.
Unsecured firmware can be compromised If a MFP or printer’s built-in software — also known as firmware — is altered or compromised, that device can then be used as a method of intrusion into the corporate network, as a means to damage the device or as a platform for other malicious purposes. Ricoh-designed devices are built using a Ricoh-only Trusted Platform Module (TPM) and are designed to not boot up if the firmware has been compromised. Ricoh’s TPM is a hardware security module that validates the controller core programs, Operating System, BIOS, boot loader and application firmware. Ricoh MFPs and printers use a digital signature to judge firmware validity. The public key used for this verification is stored in an overwrite protected, non-volatile region of the Ricoh Trusted Platform Module (TPM). A root encryption key and cryptographic functions are also contained within the TPM and cannot be altered from the outside. Ricoh uses a Trusted Boot procedure that employs two methods to verify the validity of programs/firmware: 1. Detection of alterations 2. Validation of digital signatures A Ricoh device will not boot up unless its programs/firmware are verified to be authentic and safe for users.
https://www.ricoh.ca/-/media/Ricoh/Sites/CA/PDFs/Brochures/Ricoh_Security_Overview_EN_CA.pdf
