Color copiers earn security clearance

They're not firewalls, nor are they public-key infrastructures, but six Xerox color copiers and multifunction devices recently earned Common Criteria Certification from the National Information Assurance Partnership (NIAP), Xerox officials said today.

The Xerox WorkCentre Pro C2128, C2636 and C3545 multifunction devices, and the CopyCentre C2128, C2636 and C3545 color copiers each were certified at Evaluation Assurance Level 2 (EAL 2). There are seven EALs, with EAL 7 providing the highest security assurance.

Specifically, NIAP certified the Xerox products based on their Image Overwrite Security option, which electronically shreds documents, and embedded fax security, which protects information by keeping fax lines and network connections separate.

The Xerox products become the first complete color office systems to earn Common Criteria standing. Twelve black-and-white WorkCentre and CopyCentre devices reached Common Criteria EAL 2 earlier this year.

"Customers can now capitalize on the impact of color while trusting that their highly sensitive documents and intellectual property will remain secure," said Tim Williams, president of the Xerox Office Group, in a statement.

Xerox is not the only printing company to go through Common Criteria testing. Konica Minolta Business Technologies Inc.'s Bizhub Pro Control software is certified at EAL 3. It can be installed on Konica multifunction devices to keep document data secure. Similarly, security software add-on kits from Canon USA and Sharp Corp. have been certified up to EAL 3.

Many government agencies, particularly in the Defense Department, require Common Criteria Certification for IT products they use.


  • automated processes (Nikolay Klimenko/

    How the Army’s DORA bot cuts manual work for contracting professionals

    Thanks to robotic process automation, the time it takes Army contracting professionals to determine whether prospective vendors should receive a contract has been cut from an hour to just five minutes.

  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

Stay Connected