4 precautions for operation control, Roles and requirements of the administrator, Password usage requirements – Konica Minolta bizhub 751 User Manual
Page 12
751/601
1-7
Security
1
1.4
Precautions for Operation Control
This machine and the data handled by this machine should be used in an office environment that meets the
following conditions.
Roles and Requirements of the Administrator
The Administrator should take full responsibility for controlling the machine, thereby ensuring that no improp-
er operations are performed.
<To Achieve Effective Security>
-
A person who is capable of taking full responsibility for controlling the machine should be appointed as
the Administrator to make sure that no improper operations are performed.
-
When using an SMTP server (mail server) or an DNS server, each server should be appropriately man-
aged by the Administrator and should be periodically checked to confirm that settings have not been
changed without permission.
Password Usage Requirements
The Administrator must control the Administrator Password, HDD Lock Password, Image Data Encryption
Passphrase, Flash Memory Lock Password auth-Password and priv-Password appropriately so that they
may not be leaked. These passwords should not be ones that can be easily guessed. The user, on the other
hand, should control the User Box Password, Secure Print Password, and User Password appropriately so
that they may not be leaked. Again, these passwords should not be ones that can be easily guessed. For the
Public User Box shared among a number of users, the User Box Password should be appropriately controlled
so that it may not be leaked to anyone who is not the user of the Public User Box.
<To Achieve Effective Security>
-
Make absolutely sure that only the Administrator knows the Administrator Password, HDD Lock Pass-
word, Image Data Encryption Passphrase, Flash Memory Lock Password, auth-Password and priv-
Password.
-
The Administrator must change the Administrator Password, HDD Lock Password, Image Data Encryp-
tion Passphrase, Flash Memory Lock Password, auth-Password and priv-Password at regular intervals.
-
The Administrator should make sure that any number that can easily be guessed from birthdays,
employee identification numbers, and the like is not set for the Administrator Password, Account
Password, HDD Lock Password, Image Data Encryption Passphrase, Flash Memory Lock Password,
auth-Password and priv-Password. Do not set any number that consists of 7 digits or less.
-
If a User Password or User Box Password has been changed, the Administrator should have the
corresponding user change the password as soon as possible.
-
The Administrator should change the Account Password set for each account at regular intervals and,
should one be changed, he or she should immediately inform users who implement Account Track of
the new Account Password.
-
If the Administrator Password has been changed by the Service Engineer, the Administrator should
change the Administrator Password as soon as possible.
-
The Administrator should have users ensure that the User Authentication, Secure Print Document, and
User Box are known only by the user concerned.
-
The Administrator should have users who implement Account Authentication ensure that the Account
Password set for the account is known by the users implementing Account Authentication only.
-
The Administrator should make sure that only the users who share a Public User Box and Group User
Box know the password set for it.
-
The Administrator should have users change the passwords set for the User Authentication and User
Box at regular intervals.
-
The Administrator should make sure that any user does not set any number that can easily be guessed
from birthdays, employee identification numbers, and the like for the passwords set for the User Au-
thentication, Secure Print Document, and User Box.