Skip to content
Log In

Multifunction Device and Network Printers STIG

Rules, Groups, and Values defined within the XCCDF Benchmark

  • A MFD device, with scan to hard disk functionality used, is not configured to clear the hard disk between jobs.

    If the MFD is compromised the un-cleared, previously used, space on the hard disk drive can be read which can lead to a compromise of sensitive data. The SA will ensure the device is configured to ...
    Rule Medium Severity
    Show

  • MFD Scan Discretionary Access Control

    Group
    Show

  • Scan to a file share is enabled but the file shares do not have the appropriate discretionary access control list in place.

    Without appropriate discretionary access controls unauthorized individuals may read the scanned data. This can lead to a compromise of sensitive data. The SA will ensure file shares have the appro...
    Rule Low Severity
    Show

  • MFD fax from network auditing

    Group
    Show

  • Auditing of user access and fax logs must be enabled when fax from the network is enabled.

    Without auditing the originator and destination of a fax cannot be determined. Prosecuting of an individual who maliciously compromises sensitive data via a fax will be hindered without audits. Th...
    Rule Low Severity
    Show

  • MFD scan to SMTP (email)

    Group
    Show

  • MFDs must not allow scan to SMTP (email).

    The SMTP engines found on the MFDs reviewed when writing the MFD STIG did not have robust enough security features supporting scan to email. Because of the lack of robust security, scan to email wi...
    Rule Medium Severity
    Show

  • MFD Hard Drive Lock

    Group
    Show

  • A MFD device does not have a mechanism to lock and prevent access to the hard drive.

    If the hard disk drive of a MFD can be removed from the MFD the data on the drive can be recovered and read. This can lead to a compromise of sensitive data. The IAO will ensure the device has a ...
    Rule Medium Severity
    Show

  • MFD/Printer Global Configuration Settings

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules