British Standards Institution

Source:: ISO
Committee:: IST/3 - IT Printers and Cartridges
Categories:: Information management | Standardization. General rules | ICT | Information technology | Office machines | Image technology | Graphic technology | Reproduction equipment

Scope

This document defines minimum security requirements for the protection of devices including identification and authentication, security management, software update, mass storage data protection, network data protection and PSTN Fax-Network Separation.

It can be applied to Office Equipment with network functions including printers, scanners, fax machines, digital copiers, and digital multi-function machines (HCDs).

Purpose

With the spread of IoT devices, cyber attacks targeting IoT devices are on the rise. Security measures for IoT devices are required in various countries around the world. In the field of office equipment as well, it is necessary for customers to use multifunction devices, printers, scanners, and fax machines that have network functions with peace of mind. Therefore, each manufacturer must provide products that incorporate the necessary security measures.

The purpose of this standard is to define the minimum requirements for cyber security measures for office equipment with network functions, and the evaluation methods and criteria for evaluating conformity with the requirements.

On the other hand, in Japan, in order to respond quickly to the recent social situation, JBMIA (Japan Business Machine and Information System Industries Association) which is the office equipment industry group is leading the security evaluation system based on the voluntary conformity declaration and is about to start operation in 2021.

This standard is based on the cyber security measure requirements and evaluation methods / judgment criteria used for its operation.

The following structure is proposed:

Part 1: define the high-level minimum requirements.

Part 2: evaluation methods and judgment criteria. Subsequent parts may be developed as required.

Comment on proposal

Required form fields are indicated by an asterisk (*) character.

How important do you think standardization is in this area? *

Do you agree that a standard on this subject is feasible?: *

Please give reasons for your selections above: *

Would you or your organization use the standard? *

Would you or your organization be prepared to participate in the development of the standard or to comment on the draft when it is available? *

Are you aware of any regulation, existing standards and other good practice information in this area in the UK (e.g. Industry codes of practice; company specifications, international or European Standards)? *

Would the development of a standard(s) in this area have a particular impact/relevance to SME, consumer, environmental or societal interests? *

Are you aware of any other organizations to which this proposal may be relevant? If so please provide details below. *

Additional comments on the scope or proposal:

Although BSI will not usually enter into correspondence regarding individual comments or suggestions we may wish to contact you to seek further clarification. Please indicate whether this will be acceptable: *

Discard

Please email further comments to: debbie.stead@bsigroup.com

Standard timeline

1. Proposal

Proposal start date:

10/03/2021

Proposal end date:

30/04/2021

2. Draft

3. Public Comments

4. Comment Resolution

5. Approval

6. Publication

Learn more about the standards development process

Standards Development

ISO/IEC NP 7184 Office equipment -- Guidelines and minimum requirements for security of hard copy devices (HCD) -- Part 1: Definition of the high -- level minimum requirements

Scope

Purpose

Comment on proposal

Discard changes?

Submit comment

Submit comment

Follow standard

Unfollow standard

Error