Please note, we are experiencing intermittent issues on the platform which we are investigating. You may experience issues with submitting comments. If you do encounter issues, please resubmit your comment. Please accept our apologies for any inconvenience caused

We use cookies to give you the best experience and to help improve our website

Find out what cookies we use and how to disable them

ISO/IEC NP 7184 Office equipment -- Guidelines and minimum requirements for security of hard copy devices (HCD) -- Part 1: Definition of the high -- level minimum requirements

Source:
ISO
Committee:
IST/3 - (Disbanded 29.11.24 See W/-)IT Printers and Cartridges
Categories:
Information management | Standardization. General rules | ICT | Information technology | Office machines | Image technology | Graphic technology | Reproduction equipment

Scope

This document defines minimum security requirements for the protection of devices including identification and authentication, security management, software update, mass storage data protection, network data protection and PSTN Fax-Network Separation.

It can be applied to Office Equipment with network functions including printers, scanners, fax machines, digital copiers, and digital multi-function machines (HCDs).

Purpose

With the spread of IoT devices, cyber attacks targeting IoT devices are on the rise. Security measures for IoT devices are required in various countries around the world. In the field of office equipment as well, it is necessary for customers to use multifunction devices, printers, scanners, and fax machines that have network functions with peace of mind. Therefore, each manufacturer must provide products that incorporate the necessary security measures.

The purpose of this standard is to define the minimum requirements for cyber security measures for office equipment with network functions, and the evaluation methods and criteria for evaluating conformity with the requirements.

On the other hand, in Japan, in order to respond quickly to the recent social situation, JBMIA (Japan Business Machine and Information System Industries Association) which is the office equipment industry group is leading the security evaluation system based on the voluntary conformity declaration and is about to start operation in 2021.

This standard is based on the cyber security measure requirements and evaluation methods / judgment criteria used for its operation.

The following structure is proposed:

Part 1: define the high-level minimum requirements.

Part 2: evaluation methods and judgment criteria. Subsequent parts may be developed as required.

Comment on proposal

Required form fields are indicated by an asterisk (*) character.

Discard

Please email further comments to: debbie.stead@bsigroup.com

Follow standard

You are now following this standard. Weekly digest emails will be sent to update you on the following activities:

You can manage your follow preferences from your Account. Please check your mailbox junk folder if you don't receive the weekly email.

Unfollow standard

You have successfully unsubscribed from weekly updates for this standard.

Error