Multi Functional Devices

Initial Setup and Configuration Recommendations

  1. Register the device on a private subnet that is not internet-accessible
  2. Change the default Admin Password in TopAccess (more information)
  3. Printer port and SNMP changes needed (more information).
  4. Disable any unnecessary network services in TopAccess (more information):
    • IPX/SPX - not required
    • AppleTalk - not required
    • Bonjour - not required
    • SMB Session - disabled, but required if using scanning to network functionality
    • NetWare Session - not required
    • LDAP Disabled - not required
    • SMTP Client - disabled, but required if using scanning to email functionality
    • SMTP Server - not required
    • POP3 Network Service - not required
    • SNTP Service - not required
    • FTP Server - not required
  5. Configure IP Filtering
    • Set it so that it only accept connections from the specified network ranges or subnets
    • Configure the devices so that only authorized subnets are able to connect to the device. This does not restrict access to the web interface on the copier itself, and it will remain accessible regardless of IP filtering configuration.
    • If specific users are granted temporary access to the printer, create an exception in the IP filtering to allow their specific IP address to connect
  6. Ensure that e-filing mailboxes are configured in TopAccess (more information) to remove documents after a day
    • Change the box-specific document properties for each e-filing mailbox, check Delete Documents Automatically, and set it to preserve documents for one day
    • Where you can, specify in TopAccess (more information) a network share with overt share and file level security as opposed to internal drive
  7. Ensure the service provider completes the updates as per the contract terms
  8. Purchase and implement a disk-wide encryption solution and, if applicable, a FAX scrambler
  9. If a service technician is working on the copier, there should be a UWO representative present due to potentially sensitive data on the internal disk
  10. If the hard disk physically fails, or when a device is being returned to a 3rd party (permanently or for repair), take appropriate security precautions to wipe data and/or destroy the hard disk, as there may still be sensitive data on the disk. Reference the following disposal-related resources, recognizing that MFDs are, in fact, servers:
  11. If there is sensitive data on the copier ensure that the device is in a secure, monitored area
  12. Printer port and SNMP changes needed (more information).

Western provides the best student experience among Canada's leading research-intensive universities.