In a recent article written by Michael Kassner and posted on the TechRepulic.com website, we notice an area of information security and compliance risk concern that needs to be brought to the attention of our readers.
If your organization is in compliance to or certified to any information technology framework or international standard (i.e. ISO 27001:2005), then the security analysis process or at least the information security policy of your organization should address the information security and data security risk(s) associated with any digital photocopier product operating in your organization.
Many of our readers may be already aware of this risk, but, they also may be less than totally clear on the information system security risks associated with those copiers.
While whether a particular multi-function peripheral (MFP) saves every digitized document or not appears to depend on the brand, and, how it is configured — we suggest adding this article to your library of information security reference documents.
Please pass this along to your information security assessment and risk management team members in your organization.
Click here to read the full article.