Remedy for unauthorized operations – Konica Minolta bizhub PRESS 1250P User Manual
Page 55
bizhub PRESS 1250P
2-47
2.5
Administrator Security Functions
2
-
Even if password authentication succeeded (OK), you may need to check whether a legitimate user cre-
ated the action. Careful check is recommended especially when successful authentication occurs after
series of failures, or for those made during times other than normal operating hours.
Specifying unauthorized actions: actions other than password authentica-
tion
Since all operation results other than password authentication are indicated as successful (OK), use ID and
action to determine if any unauthorized actions were made.
-
Since you cannot identify what was attacked only with an ID, you need to refer to the correspondence
table of actions on the previous page to determine whether unauthorized actions were made on a per-
sonal box or secure box.
-
Check the time of operation, and see if the user who operated the specific subject made any unauthor-
ized actions.
For example:
If a document saved in a box is printed with fraudulent authentication, the following audit log entry will be
created.
1. Password authentication to the box:
action = 11
id = Box for which the authentication was performed
result = OK/NG
2. Access to the document in the box:
action = 13
id = Box for which the authentication was performed
Check the date and time of the operation, and see if the user who operated on documents in the specific
personal/secure box was a legitimate owner of the box.
Remedy for unauthorized operations
If you find that a password has leaked out after analyzing the audit log, change the password immediately.
-
The legitimate user may not be able to access the box because the password has been fraudulently
altered. The administrator must contact the user to confirm the situation, and if that is the case, he/she
must address the problem either by changing the password or by deleting the stored data.
-
If a stored document cannot be found or its content is altered, unauthorized actions may have been
occurred. If that is the case, similar countermeasures are needed.