6 data security – Konica Minolta IC-308 User Manual
Page 9
9
6 Data Security
6.1 Encryption of Critical Information
Encryption of critical information in the Fiery server ensures
that all passwords and related configuration information are
secure when stored in the Fiery server. NIST 2010 compliant
cryptographic algorithms are used.
6.2 Standard Printing
Jobs submitted to the Fiery server may be sent to one of
the following print queues published by the Fiery server:
• Hold Queue
• Print Queue
• Sequential Print Queue
• Direct Queue (Direct Connection)
• Virtual Printers (custom queues defined by the
Fiery Administrator).
The Fiery Administrator can disable the Print Queue and
Direct queue to limit automatic printing. With passwords
enabled on the Fiery server, this feature limits printing to
Fiery Operators and Administrators.
6.2.1 Hold, Print and Sequential Print Queues
When a job is printed to the Print Queue or the Hold Queue,
the job is spooled to the hard drive on the Fiery server. Jobs
sent to the Hold Queue are held on the Fiery hard drive
until the user submits the job for printing or deletes the job
using a job management utility, such as the Fiery Command
WorkStation, Fiery Command WorkStation ME or Clear Server.
The Sequential Print Queue allows the Fiery server to maintain
the job order on certain jobs sent from the network. The
workflow will be ‘First In, First Out’ (FIFO), respecting the order
in which the jobs were received over the network. Without
Sequential Print Queue enabled, print jobs submitted through
the Fiery server can get out of order due to many factors, such
as the Fiery server allowing smaller jobs to skip ahead while
larger jobs are spooling.
6.2.2 Printed Queue
Jobs sent to the Print Queue are stored in the Printed
Queue on the Fiery server, if enabled. The Administrator
can define the number of jobs kept in the Printed Queue.
When the Printed Queue is disabled, jobs are deleted
automatically after being printed.
6.2.3 Direct Queue (Direct Connection)
Direct Queue is designed for font downloading and
applications that require direct connection to PostScript
module in the Fiery server.
EFI does not recommend printing to the Direct Queue.
Fiery server deletes all jobs sent via the direct connection
after printing. However EFI does not guarantee that all
temporary files relating to the job are deleted.
Jobs of VDP, PDF, or TIFF file types are rerouted to the
Print queue when sent to the Direct queue. Jobs sent via
the SMB network service may be routed to the Print queue
when sent to the Direct queue.
6.2.4 Job Deletion
When a job is deleted from the Fiery server automatically or
using Fiery tools, the job cannot be viewed or retrieved using
Fiery tools. If the job was spooled to the Fiery HDD, the job’s
elements may remain on the HDD and could theoretically be
recovered with certain tools, such as forensic disk analysis tools.
6.2.5 Secure Erase
Secure Erase is designed to remove the content of a
submitted job from the Fiery HDD whenever a Fiery function
deletes a job. At the instance of deletion, each job source file
is overwritten three times using an algorithm based on US
DoD specification DoD5220.22M.
The following limitations and restrictions apply to secure erase:
• It does not apply to job files not located in systems other than
the Fiery server, such as:
– Copies of the job load balanced to another Fiery server.
– Copies of the job archived to media or network drives.
– Copies of the job located on client workstations.
– Pages of a job merged or copied entirely into another job.
• It does not delete any entries from the job log.
• If the system is manually powered off before a job deletion has
finished, there is no guarantee that the job will be fully deleted.
• It does not delete any job data that may have been written to
disk due to disk swapping and disk caching.
• Jobs submitted through FTP server may be saved by the FTP
client before being passed to the Fiery system software. Because
the Fiery system software has no control over this process, the
system cannot securely erase the jobs saved by the FTP client.
• Jobs printed via SMB go through the spooler on the Fiery
server, which saves the jobs to disk. Because the Fiery
system software has no control over this process, the system
cannot securely erase these jobs
Note: Disk swapping occurs when memory needs to be
swapped to disk to create more virtual memory than there
is physical memory. This process is handled in the operating
system layer, and the Fiery server has no control over it.
However, disk swap space is regularly re-written during the
operating system operation as various segments of memory
are moved between memory and disk. This process can lead
to some job segments being stored to disk temporarily.