School Climate & Safety

Copy Machines Pose Data Risks

By Pamela Martineau — September 12, 2007 3 min read

School districts aiming to shore up their digital security may overlook a seemingly improbable potential threat: copying machines.

Copiers reside in administrative offices and teacher work areas in virtually every school. Newer models are often multifunctional devices that fax, scan, print, and copy material. Often, they are linked to other machines on a network that can be accessed by computer hackers. The digital models also scan material that is to be copied, leaving sensitive data such as test questions or employee Social Security numbers and addresses buried on the disk drives of the machines. If accessed, such data would be a cheating student’s or identity thief’s treasure.

“A lot of people don’t think about the fact that when you scan a document, [copiers] save the data,” says Bob Moore, the executive director of information technology for the 20,000-student Blue Valley school system in Overland, Kan. “It’s kind of a new issue on people’s radar screens.”

Moore sits on the Consortium for School Networking’s cyber-security committee. He says copier security is an issue the committee will likely examine in more detail this school year.

Larry Kovnat, a product-security manager for Xerox, says he is increasingly fielding calls from school district administrators asking how they can keep their copiers secure.

“I think it’s getting more attention all the time,” says Kovnat. “We’re trying to educate our customers about what they need to be concerned about.”

To begin with, he says, “the devices that are multifunctional devices are just like computers. … [T]hey’re subject to network attacks. And there’s so much information flowing in and out of the devices.

“What happens after the job is finished,” Kovnat says, “is what’s of concern.”

Many school districts have a central IT department that monitors all copiers districtwide, using the machines’ Internet protocol, or IP, addresses, which electronic devices use to communicate with each other on a computer network. Experts say districts should close IP access ports on machines and maintain only one access point for the entire system if possible, which allows fewer access points for hackers.

Administrators also should take care not to put an IP address on the front of a machine. Public access to an IP address allows people with malicious intent to write the address down and access the system from another location.

Kovnat says school officials also can register on to receive alerts on software threats. The site notifies users about software patches they can obtain to fix such threats.

“You have to keep [the multifunctional devices] updated just like any other computer,” says Kovnat.

Wiping Away Data

Newer models of copiers usually have an image-overwrite function, which will wipe away data after a job is finished. The data are written over with illegible symbols, says Kovnat. If a district has older machines without the overwrite function, they can buy an upgrade to obtain the feature.

Requiring pass codes on copiers also helps restrict user access to the machines. Moore of the Blue Valley schools warns, however, that “a pass code is only as good as the person who uses it.” If someone passes along the code to unauthorized users, the security of the machine is compromised. That’s why experts recommend that district officials warn users of the machines of the security threats of passing along the codes.

Educating staff members about the security risks of copiers is critical, security analysts warn, especially since many people aren’t aware that the machines pose a threat. Sharp Document Solutions Co. of America, a copying-machine manufacturer based in Mahwah, N.J., commissioned a survey in January that found that more than half the 1,005 adults polled did not know of the security risks of digital copiers.

Related Tags:

A version of this article appeared in the September 12, 2007 edition of Digital Directions as Copy Machines Pose Data Risks


Jobs The EdWeek Top School Jobs Virtual Career Fair
Find teaching jobs and other jobs in K-12 education at the EdWeek Top School Jobs virtual career fair.
This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Mathematics Webinar
Engaging Young Students to Accelerate Math Learning
Join learning scientists and inspiring district leaders, for a timely panel discussion addressing a school district’s approach to doubling and tripling Math gains during Covid. What started as a goal to address learning gaps in
Content provided by Age of Learning & Digital Promise, Harlingen CISD
This content is provided by our sponsor. It is not written by and does not necessarily reflect the views of Education Week's editorial staff.
Curriculum Webinar
How to Power Your Curriculum With Digital Books
Register for this can’t miss session looking at best practices for utilizing digital books to support their curriculum.
Content provided by OverDrive

EdWeek Top School Jobs

Teacher Jobs
Search over ten thousand teaching jobs nationwide — elementary, middle, high school and more.
View Jobs
Principal Jobs
Find hundreds of jobs for principals, assistant principals, and other school leadership roles.
View Jobs
Administrator Jobs
Over a thousand district-level jobs: superintendents, directors, more.
View Jobs
Support Staff Jobs
Search thousands of jobs, from paraprofessionals to counselors and more.
View Jobs

Read Next

School Climate & Safety Interactive Which Districts Have Cut School Policing Programs?
Which districts have taken steps to reduce their school policing programs or eliminate SRO positions? And what do those districts' demographics look like? Find out with Education Week's new interactive database.
A police officer walks down a hall inside a school
Collage by Vanessa Solis/Education Week (images: Michael Blann/Digital/Vision; Kristen Prahl/iStock/Getty Images Plus )
School Climate & Safety These Districts Defunded Their School Police. What Happened Next?
Six profiles of districts illustrate the tensions, successes, and concerns that have accompanied the changes they've made to their school police programs over the last year.
Deering High School in Portland, Maine, one of two schools to have their SROs removed.
Deering High School in Portland, Maine, one of two schools to have their SROs removed.
Ryan David Brown for Education Week
School Climate & Safety Defunded, Removed, and Put in Check: School Police a Year After George Floyd
Education Week has identified 40 school districts that defunded their police after last summer's Black Lives Matter protests.
Police officer outside of a school
Collage by Vanessa Solis/Education Week (image: Bastiaan Slabbers/iStock)
School Climate & Safety Biden Team to Revisit How Schools Should Ensure Racial Equity in Discipline
The Trump administration pulled a directive on fair discipline for students of color. Biden's Education Department will review the issue.
4 min read
a student sits alone in a hallway
Collage by Laura Baker/Education Week (Image: DigitalVision)