summary
Using the product in a protected network environment
Restrict communication with products
Encrypt product communication data
Configure the authentication function of the product
Restrict access to products
Use the latest product software
Precautions when connecting PC client and product
Configure product specific settings
Ricoh product and service security
With the development of the information society, we are facing various threats, such as computer viruses, personal information leakage and unauthorized access. In this case, it is very important to take necessary safety measures. This is important not only for personal computers, servers and networks, but also for other products and services. In order to use Ricoh's products and enjoy corresponding services more safely, we recommend taking the following safety measures.
Using the product in a protected network environment
1. Use the product without connecting to the network or only in a closed network environment
To prevent unauthorized Internet access, please use the product without connecting to the network unless necessary. If you need to communicate with other devices through the intranet, please do not connect to the Internet, but only to your intranet.
2. Only use the product in the firewall and other security networks
Please do not connect the product directly to the Internet. Please only use it in a secure network environment with a firewall or broadband router.
3. Please use non-public IP address
If the product is configured with a globally accessible public IP address, the IP address is at risk of being accessed by an unspecified number of Internet users, and the security risk of information disclosure increases. However, if a non-public IP address is configured, the product can only be accessed through the intranet or local network. Therefore, please set a non-public IP address for the product.
Restrict communication with products
1. Disable unnecessary communication ports
If unnecessary communication ports are opened, the risk of illegal access will increase.
If the product you are using has the communication port shutdown function, please set it to only communicate with the necessary ports.
2. Restrict communication through IP address or MAC address
Some products have the function of communicating only with devices with the specified IP address or MAC address. Please turn on this function to reduce the number of accessible users.
Encrypt product communication data
1. Use HTTPS and other encrypted data communication methods
To prevent information disclosure and tampering, please use HTTPS and other encrypted data communications for products with communication functions.
For the setting method of communication, please refer to the user manual corresponding to the product you purchased. During installation, please use a strong encryption method and set the authentication correctly.
2. Use VPN (Virtual Private Network)
If the product cannot use HTTPS and other encrypted communication methods, please protect network communication through remote access to VPN (SSL, IPsec, etc.).
3. Wireless LAN communication encryption
When the product connects to the wireless LAN, please use encrypted data communication to prevent information disclosure and tampering.
Please pay attention to the following points during installation:
- Hide SSID (Access Point Name).
- Do not use an easily guessed encryption key (password).
- Do not use weak encryption methods such as WEP.
Configure the authentication function of the product
1. Enable the authentication function
If the product has the authentication function, please enable the function to prevent unauthorized users from accessing products or services. For the setting method, please refer to the user manual corresponding to each product.
2. Modify the initial password
Some products have initial administrator and user passwords. Because these passwords can be easily guessed by unauthorized users and used for login, please change the password before using the product.
3. Set complex passwords
Please set a longer and more complex password to prevent unauthorized access.
Only one word or simple password in alphabetical or numerical order can be easily guessed.
Restrict access to products
1. Restrict users who can use the product
To prevent information disclosure and tampering, please use HTTPS and other encrypted data communications for products with communication functions.
For the setting method of communication, please refer to the user manual corresponding to the product you purchased. During installation, please use a strong encryption method and set the authentication correctly.
2. Restrict the functions available to users
If the product cannot use HTTPS and other encrypted communication methods, please protect network communication through remote access to VPN (SSL, IPsec, etc.).
3. Restrict the information that users can access
When the product connects to the wireless LAN, please use encrypted data communication to prevent information disclosure and tampering.
Please pay attention to the following points during installation:
- Hide SSID (Access Point Name).
- Do not use an easily guessed encryption key (password).
- Do not use weak encryption methods such as WEP.
4. Do not provide administrator permission
If the product cannot use HTTPS and other encrypted communication methods, please protect network communication through remote access to VPN (SSL, IPsec, etc.).
Use the latest product software
Firmware and security patches are updated for each product to improve security issues. Therefore, please download and use the latest software to minimize security risks. When you use cloud services, please refer to "Item 7 c. Keep web browser software updated".
Precautions when connecting PC client and product
1. Do not open other websites at the same time when logging in, and do not log out after using
Some products try to access information from another website opened on the same computer. To prevent data leakage and unauthorized access, please do not open other websites when logging into Ricoh products and services. In addition, please log out correctly after using Ricoh products and services.
2. Do not open suspicious URLs or emails
Some URLs try to access information or gain access illegally through your PC. Therefore, do not open these suspicious URLs.
3. Keep the web browser software updated
Web browsers are vulnerable to attacks and there is a risk of unauthorized access. To prevent this vulnerability from being exploited and causing unauthorized access, please keep the web browser software updated.
In addition, please be sure to follow "Item 6 Use the latest product software".
4. Restrict PC client users
If the PC client is used by multiple users at the same time, there may be a risk of improper software installation or unauthorized operation. To prevent this risk, please set screen lock and limit users.
Configure product specific settings
1. Disable unused functions
Many functions are enabled by default in the factory default settings. To reduce the risk of illegal access through these functions, disable the functions that are not used. In addition, if the product cannot use some security patches, please turn off vulnerable features to reduce the risk of unauthorized access.
Please refer to the latest announcements of each product for details.
2. Configure certificate settings and set the correct date/time
When you set up a certificate for your product, use a certificate issued by a trusted third party. If you use a self signed certificate issued by your company, please register it before you use it as a reliable certificate on client computers and other network devices.
In addition, please set the product date and time correctly. Otherwise, the product cannot be certified correctly.
3. Configure the product according to the recommended settings
To improve security, it is necessary to enable special settings for some products.
Please refer to the manuals and announcements of each product to ensure that the correct product settings have been made.
