Staff managing purchasing and disposing of printers and photocopiers should adhere to these guidelines in order to ensure security of
the University’s data.
In preference, purchase Printers and Photocopiers with an encryption option.
#
|
Topic
|
Requirement
|
Examples of Security Standard Controls met |
1 |
Encryption Option |
- Products with hard drives should have an encryption option and should be configured by the vendor to encrypt by default.
- If the vendor cannot enable encryption by default, ensure your IT support enables the option upon receipt of equipment.
- As an alternative, users may also choose a configuration option to automatically overwrite data on the hard drive.
|
|
2 |
No Encryption Option |
- Ensure the lease agreement stipulates that the machine’s hard drive will be destroyed upon return and proof will be provided.
- If hard drive destruction is not offered by the vendor, request for the hard drive to be wiped instead.
- Always request proof from the vendor that the drive was properly wiped.
- If the vendor does not offer either service, request to remove the hard drives at U of T and wipe / destroy them before returning the equipment. This agreement should be in writing.
|
|
Questions? Please contact ITS for any questions, concerns or further guidance.
(Original document available here).