* Enter the name of the utility key. You can search descriptions of utility keys.

Enhanced Security Mode

To display: [Utility][Administrator Settings][Security Settings][Enhanced Security Mode]

Select whether to enable the Enhanced Security Mode.

If you enable the Enhanced Security Mode, the various security functions are forcibly configured. This allows you to ensure higher-level security of data management. For details, contact your service representative.

To enable the enhanced security mode, the following settings must have been configured.

Prerequisite settings

Check Job

[User Authentication/Account Track] - [General Settings] - [User Authentication]

Set to [Authenticate].

(When external server authentication is used, only Active Directory is available as the server type.)

[Security Settings] - [Administrator Password]

Set a password complying with password rules.

[Security Settings] - [Storage Management Settings] - [HDD Encryption Setting]

Enable the HDD Encryption.

In Web Connection, register the certificate.

For details, refer to [Creating a certificate for this machine to communicate via SSL] .

Service settings

Service settings must be configured by your service representative.

For details, contact your service representative.

If you enable the Enhanced Security Mode, the following settings are forcibly changed.

Setting items in Administrator Settings

Settings to forcibly changed

[System Settings] - [Restrict User Access] - [Restrict Access to Job Settings] - [Registering and Changing Addresses]*

Set to [Restrict].

[User Authentication/Account Track] - [General Settings] - [Public User Access]*

Set to [Restrict].

[User Authentication/Account Track] - [User Authentication Settings] - [Administrative Settings] - [User Name List]*

Set to [OFF].

[User Authentication/Account Track] - [Print without Authentication]*

Set to [Restrict].

[User Authentication/Account Track] - [User/Account Common Setting] - [Counter Remote Control]

Set to [Restrict].

[User Authentication/Account Track] - [URL Home Settings]

Set to [Disable].

[User Authentication/Account Track] - [Simple Auth. setting] - [Authentication Setting]*

Set to [Restrict].

[Network Settings] - [FTP Settings] - [FTP Server Settings]*

Set to [OFF].

[Network Settings] - [E-Mail Settings] - [E-Mail TX (SMTP)] - [Server Capacity Reduction Send Method]

When [Stop URL when max. limit is exceeded] or [Always Send via URL] is selected, this option is set to [OFF].

[Network Settings] - [E-Mail Settings] - [S/MIME Communication Settings]*

  • [Automatically Obtain Certificates] is set to [No].

  • [3DES] is set if [E-Mail Text Encryption Method] has been set to one of [RC2-40], [RC2-64], [RC2-128], and [DES].

[Network Settings] - [SNMP Settings] - [SNMP v1/v2c Settings] - [Write Setting]*

Set to [Invalid].

[Network Settings] - [SNMP Settings] - [SNMP v3 Settings]*

[Security Level] for read and write allowed users is set to [auth-password/priv-password].

The Security Level can be changed to [auth-password].

[Network Settings] - [TCP Socket Settings] - [TCP Socket] - [Use SSL/TLS]

Set to [ON].

[Network Settings] - [WebDAV Settings] - [WebDAV Server Settings] - [SSL Setting]

Set to [SSL Only].

[Network Settings] - [Web Browser Setting]*

Set to [OFF].

[Network Settings]-[Remote Panel Settings]*

  • [Client Settings]: Set to [OFF].

  • [Server Setting]: Set to [OFF].

[Network Settings] - [Machine Update Settings] - [Machine Auto Update setting]*

This function is not available.

[Network Settings] - [IWS Settings]*

Set to [OFF].

[Fax Settings] - [Report Settings] - [Tx Result Report Print Setting] - [Report File Attachment]*

Set to [Without Attachment].

[System Connection] - [OpenAPI Settings] - [SSL/Port Settings] - [SSL Setting]

Set to [SSL Only].

[System Connection] - [Mobile Connection Settings] - [Simple Connection Setting]*

  • [QR Code Display Setting]: Set to [OFF].

  • [Enable NFC]: Set to [OFF].

  • [Enable Bluetooth LE]: Set to [OFF].

[Security Settings] - [Administrator Password Change Permission Setting]

Set to [Restrict].

[Security Settings] - [User Box Administrator Setting]*

Set to [Restrict].

[Security Settings] - [USB Connection Permission setting]

Set to [Restrict].

[Security Settings] - [Security Details] - [Password Rules]*

Set to [Enable].

If [Enable] cannot be selected for the Password Rules, you cannot enable the Enhanced Security Mode.

[Security Settings] - [Security Details] - [Prohibited Functions When Authentication Error]*

  • [Prohibit Functions When Auth. Error] is set to [Mode 2] and [No. of Tries] is set to [3]. No. of tries can be changed in the range between [1] and [3].

  • [Release Time Settings]: Limited to [5] minutes. This value cannot be less than five minutes.

[Security Settings] - [Security Details] - [Confidential Document Access Method]

Set to [Mode 2].

[Security Settings] - [Security Details] - [Print Data Capture]

Set to [Restrict].

[Security Settings] - [Security Details] - [Hide Personal Information (MIB)]

Set to [ON].

[Security Settings] - [Security Details] - [Initialize]*

If you select [Network Settings] and start it, the Enhanced Security Mode is canceled.

[Remote Access Setting] - [Import/Export User Data]

Set to [Restrict].

[Maintenance] - [Import/Export] in Web Connection

The password must be configured.

[Security] - [PKI Settings] - [Device Certificate Setting] in Web Connection

[Requesting Certificate] is hidden.

[Security] - [PKI Settings] - [SSL Setting] in Web Connection*

  • [Mode using SSL/TLS]: Set to [Admin. Mode and User Mode].

  • [Encryption Strength]: If it has been set to [AES-256, 3DES-168, RC4-128, DES-56, RC4-40] or [AES-256, 3DES-168, RC4-128], it is changed to [AES-256, 3DES-168].

[Security] - [PKI Settings] - [Protocol Setting] in Web Connection

[Protocol 1]: [SSL], [Protocol 2]: The certificate is registered in the [http Server].

Remote Diagnosis System

Some functions may be disabled. For details, contact your service representative.

Preview Secure Document User Box

Only the list is displayed before the password authentication is performed.

[Security Settings] - [Maintenance Mode Permission]

Set to [Restrict].

Tips
  • If you change a setting item (marked by an asterisk *) that has been changed synchronously with [Enhanced Security Mode], a confirmation dialog box appears, and the Enhanced Security Mode is canceled.

  • A setting that has been forcibly changed when the [Enhanced Security Mode] was enabled will not be changed if you disable the [Enhanced Security Mode].

  • Once the password rules have been enabled, an item for which a password that do not comply with the rules has been configured will result in authentication failure.