What type of security requirements does your office require? Does the device have the security features tomeet this demand? Can device access be password protected? Does the device remove latent images on diskdrives and in memory? Does the MFP vendor participate in third-party testing and certification?Built-in SecurityXerox is committed to the security of its products and takes a unique approach to security within thedocument industry: Xerox believes security should be built in as a core component of the MFPsystem and its controller.The WorkCentre 7655/7665/7675 series offers built-in security features for physical and network-basedaccess controls, user authentication, usage tracking, file encryption, and file deletion to fully complywith the IT organization’s information security policies. This is accomplished through intelligent designarchitecture that complies with stringent industry security standards and increasing regulations in thegovernment, military, health care (HIPAA), legal (Sarbanes-Oxley), financial (Gramm-Leach-Biley Act) andpharmaceutical (FDA 21 CFR Part 11) sectors. The security capabilities of WorkCentre 7655/7665/7675series MFPs can be further extended with solutions from Xerox Business Alliance Partners.Security features of the WorkCentre 7655/7665/7675 series include:• 802.1x Support — Ensures devices connected to the network are properly authorized• Analog Fax and Network Isolation — Controller architecture isolates the fax telephone line andthe network connection to foil incoming attacks• Authentication- System Administrator Authentication — The WorkCentre 7655/7665/7675 series allows accessto administrative web pages to be restricted to authorized employees. Device Access PasswordProtection further restricts access to device setup screens and remote network settings- Network Authentication — Manage access to copy, scan, email, and fax features by validatingnetwork user names and passwords- Copy Auditron — Restricts user access to the device, sets limits for users and groups, tracksjobs and provides reports• Firewall — Restricts access via IP Address Filtering, Domain Filtering,and Port Blocking• Image Overwrite Security — Electronically erases data that has beenprocessed to the hard disk in print, copy, scan, and fax modes usinga three-pass algorithm specified by U.S. Department of DefenseDirective 5200.28-M at regular, pre-selected times• Internal Security Audit Log — Permits tracking of activity at the device,satisfying the needs of organizations that must provide logging of thetransfer of Personally Identifiable Information per regulations likeHIPAA, Sarbanes-Oxley, Gramm-Leach-Bliley Act, and more14 WORKCENTRE 7655/7665/7675 EVALUATOR GUIDEHOW THE XEROX WORKCENTRE® 7655/7665/7675 SERIESEXCEEDS THE SECURITY CAPABILITIES REQUIREMENTSECURITY CAPABILITIESEVALUATEADVANTAGEXEROXCommon Criteria Certification:The National Information AssurancePartnership (NIAP) is a U.S. government ini-tiative to meet the security testing ofCommon Criteria, and is a collaborationbetween the National Institute of Standardsand Technology (NIST) and the NationalSecurity Agency (NSA). Common Criteriafor IT Security Evaluation is an interna-tionally recognized methodology (ISO15408) for evaluating the security claims ofhardware and software vendors. The fivemajor elements of Common Criteria areavailability, integrity, confidentiality,accountability and nonrepudiation.