Stored images on photocopiers a security risk - Update
A report by CBS News is causing controversy in the US – many (professional, digital) photocopiers store copies of scanned documents on an internal hard drive and these images can easily be extracted, often long after the original copy was made. This could be significant if, for example, a copier is sold on and the seller neglects to delete this data. Such copiers store scanned images in order to be able to make multiple copies without having to continuously re-scan the original document.
CBS reporters purchased several used copiers and, after removing the hard drives from the copiers, found medical records, police reports, design plans, payment orders and copies of cheques. In some cases, however, retrieving these documents did require the use of forensic or file retrieval software.
The content of the report is nothing new; like reports of payroll records turning up on hard drives purchased off eBay, reports like this turn up year after year. According to CBS, Sharp, in a 2008 survey, found that 60% of users were unaware that their data was being saved to a hard drive.
In principle it's not necessary to extract the hard drive in order to access data. Many copiers have network connections which can be used to view or download files via Telnet, web or FTP.
For security reasons, most copiers support immediate (IIO, immediate image overwrite) or delayed (ODIO, on demand image overwrite) overwriting of saved images. In some cases, however, these are paid-for optional extras, and their efficacy can be variable. Xerox's documentation, for example, states that deletion of files is not one hundred per cent effective, especially in the event of an unexpected interruption while copying.
Samsung's MultiXpress series copiers implement Common Criteria specifications by overwriting data on hard drives three times in accordance with United States Department of Defense (DoD) directive 5200.28-M. This prevents even forensic tools from being able to extract any usable data. Business customers leasing copiers should insist that their data is properly deleted before the devices are reused.
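As an added illustration (not code from CBS, Xerox or Samsung), the following Python sketch shows how an owner could check a raw image of a copier disk for leftover scan files before and after a three-pass overwrite. The signature list, the pass patterns (random, 0xFF, 0x00) and the sample image are assumptions constructed for this example.

```python
import os
import tempfile

# Magic bytes of formats a copier may use for stored scans (assumed list).
SIGNATURES = {"jpeg": b"\xff\xd8\xff", "tiff-le": b"II*\x00",
              "tiff-be": b"MM\x00*", "pdf": b"%PDF-"}


def count_signatures(path, chunk_size=1 << 20):
    """Count file signatures in a raw image, including ones split across reads."""
    counts = dict.fromkeys(SIGNATURES, 0)
    keep = max(len(s) for s in SIGNATURES.values()) - 1
    tail = b""
    with open(path, "rb") as f:
        while chunk := f.read(chunk_size):
            for name, sig in SIGNATURES.items():
                # Prepend len(sig)-1 earlier bytes: catches a split signature
                # without re-counting one that was already seen in full.
                counts[name] += (tail[-(len(sig) - 1):] + chunk).count(sig)
            tail = (tail + chunk)[-keep:]
    return counts


def overwrite_three_pass(path, chunk_size=1 << 20):
    """Overwrite every byte three times. Pass patterns are an assumption:
    random, 0xFF, then 0x00 so the final state can be checked exactly."""
    size = os.path.getsize(path)
    for pattern in (None, b"\xff", b"\x00"):
        with open(path, "r+b") as f:
            left = size
            while left:
                n = min(chunk_size, left)
                f.write(os.urandom(n) if pattern is None else pattern * n)
                left -= n
            f.flush()
            os.fsync(f.fileno())  # force the pass to disk before the next one


def demo():
    """Constructed 16 KiB 'disk image' holding two fake scans: check, wipe, re-check."""
    image = (b"\x00" * 4096 + b"\xff\xd8\xff\xe0 constructed scan" +
             b"\x00" * 8192 + b"%PDF-1.4 constructed scan" + b"\x00" * 4096)
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(image)
        path = f.name
    try:
        before = count_signatures(path, chunk_size=4097)  # splits the JPEG marker
        overwrite_three_pass(path)
        return before, count_signatures(path)
    finally:
        os.unlink(path)
```

The overwrite only means something when it is applied to the whole raw disk or an image of it; rewriting individual files through a file system can leave older copies of the data in unallocated blocks.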
The problem is not, however, confined to business customers – individuals using public copiers in shops or public libraries should be aware that their documents may end up on the device's hard drive. The shopkeeper or library assistant should be able to tell you whether a copier is set up to delete images immediately. Indeed, officially this function must be activated, since storing personal data without the consent of the individual concerned is a breach of data protection legislation.
Update: According to Xerox, its latest devices encrypt all data on their disks to prevent unauthorised users from retrieving stored information. Xerox do not give details of the encryption method used.