SAFE-IT
Penumbra Security’s SAFE-IT Testing and Certification Services focus on evaluating the security, functionality, and interoperability of network-connected peripheral devices, such as multifunction printers (MFPs), scanners, copiers, and fax machines, especially when used in enterprise and government environments.
The goal is to certify that devices connected to enterprise networks do not introduce vulnerabilities or security risks, and that they perform securely and reliably under realistic operating conditions.
Penumbra evaluates network attached devices across several domains, including:
Security Functionality
- Authentication mechanisms (e.g., user login, smart card, LDAP)
- Access control (user-level permissions, job-based restrictions)
- Secure communications (TLS/SSL, IPsec)
- Audit logging and event tracking
Data Protection
- Hard drive protection (encryption, overwrite, secure erase)
- Job data confidentiality (print, scan, fax retention policies)
- Secure deletion and end-of-life sanitization procedures
Network Behavior and Protocol Conformance
- Assessment of common protocols (e.g., SNMP, HTTP/HTTPS, FTP, LPD, IPP)
- Verification that network services are securely implemented and do not leak sensitive data
- Conformance to secure printing protocols
Vulnerability Assessment
- Port scanning and service enumeration
- Penetration testing against firmware and OS
- Default password handling
- Firmware update and rollback protection
Physical and Administrative Security
- Administrative interface security (local panel & web UI)
- Role-based access controls
- Support for centralized management tools
Default Configuration Analysis
- Evaluation of out-of-box security posture
- Assessment of whether secure settings are enabled by default
- Guidance to harden the device