Encrypting Data on the Machine

Keep SD cards and USB flash memory devices out of reach of children. If a child accidentally swallows an SD card or USB flash memory device, consult a doctor immediately.

Even if the memory device or hard disk (when the optional hard disk is installed) is stolen, data leakage can be prevented by encrypting the data on the machine, such as Address Book, authentication data, and files. When the optional hard disk is not installed, the data stored in the machine's NVRAM is encrypted. When the optional hard disk is installed, the documents stored on the hard disk are also encrypted.

Once encryption is enabled, all data subsequently stored on the machine will be encrypted.

You can also choose to encrypt or delete the data currently stored on the machine.

The encryption algorithm is AES-256.

Data that is encrypted

This function encrypts data that is stored in the machine's NVRAM (memory that remains even after the machine is turned off) and on the hard disk (when the optional hard disk is installed).

The following data is encrypted:

Address Book data
User authentication information
Temporary stored documents
Logs
Network I/F setting information
System settings information

Type of encryption

Specify whether to encrypt existing data and keep it on the machine or delete (initialize) it. Encryption takes time if a large amount of data is to be kept. The NVRAM data will not be deleted (initialized).

Setting	Data to be kept	Data to be initialized	Required time
CarryOver FileSys DataOnly	Embedded Software Architecture applications' program/log Address Book Registered fonts Job logs/access logs Spooled jobs	Locked Print files / Sample Print files / Stored Print files / Hold Print files (when the optional hard disk is installed)	1 hour and 45 minutes
Carry Over All Data	All Data: Both the data to be kept and not to be kept when [CarryOver FileSys DataOnly] is specified.	None	3 hours
Format All Data	None	All Data: Both the data to be kept and not to be kept when [CarryOver FileSys DataOnly] is specified.	Several minutes

Setting

Data to be kept

Data to be initialized

Required time

CarryOver FileSys DataOnly

Embedded Software Architecture applications' program/log
Address Book
Registered fonts
Job logs/access logs
Spooled jobs

Locked Print files / Sample Print files / Stored Print files / Hold Print files (when the optional hard disk is installed)

1 hour and 45 minutes

Carry Over All Data

All Data:

Both the data to be kept and not to be kept when [CarryOver FileSys DataOnly] is specified.

None

3 hours

Format All Data

None

All Data:

Both the data to be kept and not to be kept when [CarryOver FileSys DataOnly] is specified.

Several minutes

Notes for enabling encryption settings

If you use Embedded Software Architecture application or App2Me, be sure to specify [CarryOver FileSys DataOnly] or [Carry Over All Data].
Note that the machine's settings will not be initialized to their system defaults even if [Format All Data], [CarryOver FileSys DataOnly], or [Carry Over All Data] is specified.

Restoring data

To transfer data to a new machine, restore the encrypted data. For details, ask the service representative.
The encryption key used for data encryption is required to restore the data.
You can specify whether to print the encryption key or store it on an SD card.
You can change the encryption key later.