Epson Security Statement

・Enabling/disabling the computer's USB connection USB access from a computer to the device can be disabled.

・Enabling/disabling external memory interfaces Memory card or USB memory interfaces can be disabled.

・Addressing virus intrusions through USB memory Since there is no functionality to run a program from a USB memory, there is no risk of viruses being transmitted from a USB memory to the device.

・Password-protected printing This feature enables printing only when password is entered directly on the device. Using this feature prevents data leaks that result from unauthorized browsing of the documents in the printer output bin.

・Watermark printing This feature enables the creation of original documents with embedded watermark patterns. If someone attempts to copy or scan these documents, words such as “copy” or “duplicate” will appear, helping to reduce unauthorized use.

・Stamp mark feature It allows superimposing stamp marks, such as “Classified” or “Important,” on documents when printing. Reminding the recipient of the importance of being cautious when handling the document can minimize unauthorized use.

・ Encrypted PDF Scanned data can be converted into an encrypted PDF file. It prevents unauthorized third parties from browsing scanned documents.

・Address book protection Requiring an administrator password for bulk editing of the address book on the device helps prevent data leaks and unauthorized data tampering. Moreover, batch export is saved as an encrypted file, preventing any leakage of fax numbers, email addresses, and other personal information during operations such as replacing the device or performing a backup.

・Handling document data for processing on the device Print, copy, and scan data is temporarily stored on the device but is deleted after the target job completion or if the device loses power.

・Password encryption All the important customer passwords stored in the device are encrypted to protect them from leakage.

・Panel lock When using the panel lock feature, the administrator password will be required to change any settings through the device control panel. Making it impossible to access the settings screen directly prevents configuration changes by users in environments such as open offices or public facilities.

・Limited user access It is possible to limit which functions (print, copy, scan, fax, box) are available to each user. Additionally, after logging in to the control panel, the user will be automatically logged out after a certain period of inactivity.

・Authenticated printing and authenticated scanning With the Epson Print Admin or Epson Print Admin Serverless option, it is possible to use an IC card or another authentication device to ensure that printing or scanning is performed in front of an authorized person. This helps prevent the misplacement of printed documents and information leaks from printed and scanned materials.

・Device initialization When disposing of or transferring a device to another party, all the configurations and data stored in the device can be reset to factory defaults in order to prevent leakage of confidential information.

・Password-protected printing This feature enables printing only when password is entered directly on the device. Using this feature prevents data leaks that result from unauthorized browsing of the documents in the printer output bin.

・Watermark printing This feature enables the creation of original documents with embedded watermark patterns. If someone attempts to copy or scan these documents, words such as “copy” or “duplicate” will appear, helping to reduce unauthorized use.

・Stamp mark feature It allows superimposing stamp marks, such as “Classified” or “Important,” on documents when printing. Reminding the recipient of the importance of being cautious when handling the document can minimize unauthorized use.

・Handling document data for processing on the device Print, copy, and scan data is temporarily stored on the device but is deleted after the target job completion or if the device loses power.

・Password encryption All the important passwords stored in the device are encrypted to protect them from leakage.

・Panel lock When using the panel lock feature, the administrator password will be required to change any settings through the device control panel. Making it impossible to access the settings screen directly prevents configuration changes by users in environments such as open offices or public facilities.

・Device initialization When disposing of or transferring a device to another party, all the configurations and data stored in the device can be reset to factory defaults in order to prevent leakage of confidential information.

・Enabling/disabling settings for various interfaces (fixed use via USB, or Network, or Serial I/F) Unauthorized external access can be prevented by setting a fixed interface for the customer's use, for example, by blocking network communication. Additionally, unauthorized intrusions in the local environment through USB PnP connections can be prevented by disabling USB communication. However, peripheral devices (such as Barcode Scanners and Display Modules) can remain connected via USB-TypeA.

・IPsec/IP filtering (Security Architecture for Internet Protocol/Internet Protocol filtering) IPsec protocol encrypts communications between the printer and a computer or user, protecting the data from leaking.
IP filtering approves the transmitted data by their IP address and prevents unauthorized access by filtering out the transmitted data from unauthorized terminal devices.

・HTTPS/TLS connection (Hypertext Transfer Protocol Secure/Transport Layer Security connection) When accessing the internal Web server (WebConfig), incoming communications are encrypted to help safeguard against data leaks. Additionally, encryption protects any information sent through the server's direct print function, such as receipt data. We utilize the latest encryption technology, TLS1.3.

・IEEE 802.1X, WPA3 (Wi-Fi Protected Access 3) IEEE 802.1X is an authentication standard that prevents unauthorized devices from being able to connect to a LAN network. It allows using the device in a network environment requiring high security.
WPA3 is the latest standard for wireless local network security. All devices with the Wi-Fi function use WPA3, protecting important customer information assets from data leaks and tampering.

・SNMPv3 (Simple Network Management Protocol version 3) SNMPv3 is a protocol for monitoring and controlling information on devices that supports encryption and authentication. SNMPv3 protects the device from unauthorized configuration changes and data leaks.

・Firmware signature verification The use of digital signature technology prevents unauthorized firmware updates. When the device is prompted for a firmware update, this feature checks the attached digital signature and only executes the update if the firmware is authorized.

・Password encryption and password policies The customer password saved in the device is encrypted to protect it from leaks. This password is required to view and change settings using the Settings tool (WebConfig).

・Disposal of print data The label data (print data), used for business operations, is deleted after printing to protect the data from leaks and tampering. However, your logo, additional information, and customized settings are recorded in non-volatile memory and retained even after printing or while rebooting.

・User data initialization and resetting to factory defaults When disposing of or moving a device to another location, all the configurations and data recorded in the unit (stored in non-volatile memory) are reset to factory defaults (initialized) to prevent leaks of information, such as the logo and print settings.

・Run-time intrusion detection This function monitors control programs running on the device and terminates unauthorized invasive programs.

・Enabling/disabling network function settings (fixed use via USB) Blocking the network function helps ensure the prevention of unauthorized external intrusions.

・IPsec/IP filtering (Security Architecture for Internet Protocol/Internet Protocol filtering) IPsec protocol encrypts communications between the printer and a computer or user, protecting the data from leaking.
IP filtering approves the transmitted data by their IP address and prevents unauthorized access by filtering out the transmitted data from unauthorized terminal devices.

・HTTPS/TLS connection (Hypertext Transfer Protocol Secure/Transport Layer Security connection) These protocols encrypt the transmitted data when they access the internal Web server (WebConfig), helping prevent data leaks.
Epson uses TLS1.3, the latest encryption technology.

・IEEE 802.1X, WPA3 (Wi-Fi Protected Access 3) IEEE 802.1X is an authentication standard that prevents unauthorized devices from being able to connect to a LAN network. It allows using the device in a network environment requiring high security.
WPA3 is the latest standard for wireless local network security. All devices with the Wi-Fi function use WPA3, protecting important customer information assets from data leaks and tampering.

・SNMPv3 (Simple Network Management Protocol version 3) SNMPv3 is a protocol for monitoring and controlling information on devices that supports encryption and authentication. SNMPv3 protects the device from unauthorized configuration changes and data leaks.

・Firmware signature verification The use of digital signature technology prevents unauthorized firmware updates. When the device is prompted for a firmware update, this feature checks the attached digital signature and only executes the update if the firmware is authorized.

・Secure boot This feature checks the program code upon the device startup and only allows its operation after successful confirmation of the code.

・Password encryption Passswords saved in the device are encrypted to protect them from leaks

・TPM(Trusted Platform Module: security chip) Critically important information (such as private keys) used for encryption is stored on a dedicated security chip (TPM) installed on the device.

・Encryption of data recorded on SSD When data is recorded to the SSD within the device, the same content is encrypted.
This way, all the important customer data is protected from data leaks and tampering.

・Initialization of user data and erasing stored data from the SSD When disposing of or transferring the device to another party,
all the configurations and data stored in the device (including the data saved on the internal SSD) are initialized and deleted in order to prevent leaks of any confidential information.

・Authenticated printing and authenticated scanning With the Epson Print Admin or Epson Print Admin Serverless option, you can require printing authentication using an IC card or another authentication device to ensure that the authorized person is present to pick up the printed materials. This helps prevent the misplacement of important documents and leaks of confidential information.

・Run-time intrusion detection This function monitors control programs running on the device and terminates unauthorized invasive programs.

・IPsec/IP filtering (Security Architecture for Internet Protocol/Internet Protocol filtering) IPsec protocol encrypts communications between the printer and a computer or user, protecting the data from leaking.
IP filtering approves the transmitted data by their IP address and prevents unauthorized access by filtering out the transmitted data from unauthorized terminal devices.

・HTTPS/TLS connection These protocols encrypt the transmitted data when they access the internal Web server (WebConfig), helping prevent data leaks.

・IEEE 802.1X, WPA3 (Wi-Fi Protected Access 3) IEEE 802.1X is an authentication standard that prevents unauthorized devices from being able to connect to a LAN network. It allows using the device in a network environment requiring high security.
WPA3 is the latest standard for wireless local network security. All devices with the Wi-Fi function use WPA3, protecting important customer information assets from data leaks and tampering.

・SNMPv3 (Simple Network Management Protocol version 3) SNMPv3 is a protocol for monitoring and controlling information on devices that supports encryption and authentication. SNMPv3 protects the device from unauthorized configuration changes and data leaks.

・S/MIME(Secure/Multipurpose Internet Mail Extensions) When using functions such as Scan to Mail or fax forwarding, this protocol encrypts and adds digital signatures to electronic messages protecting them from tampering and leaks.

・Firmware signature verification The use of digital signature technology prevents unauthorized firmware updates. When the device is prompted for a firmware update, this feature checks the attached digital signature and only executes the update if the firmware is authorized.

・Password encryption and password policies Passwords saved in the device are encrypted to protect them from leaks.
Complex rules can be added for selected passwords to prevent the creation of easy-to-guess passwords.

・Initializing user data When disposing of or transferring the device to another party, all the configurations and data stored in the device are reset to factory defaults (initialized) in order to prevent leaks of any confidential information.

・Handling document data for processing on the device Scan data is temporarily stored on the device but is deleted after the target job completion or if the device loses power.

・Authenticated scanning With the Epson Print Admin or Epson Print Admin Serverless option, it is possible to use an IC card or another authentication device to ensure that scanning is performed in front of an authorized person.

・Run-time intrusion detection This function monitors control programs running on the device and terminates unauthorized invasive programs.

・IPsec/IP filtering (Security Architecture for Internet Protocol/Internet Protocol filtering) IPsec protocol encrypts communications between the scanner and a computer or user, protecting the data from leaking.
IP filtering approves the transmitted data by their IP address and prevents unauthorized access by filtering out the transmitted data from unauthorized terminal devices.

・HTTPS/TLS connection (Hypertext Transfer Protocol Secure/Transport Layer Security connection) These protocols encrypt the transmitted data when they access the internal Web server (WebConfig), helping prevent data leaks.
Epson uses TLS1.3, the latest encryption technology.

・IEEE 802.1X, WPA3 (Wi-Fi Protected Access 3) IEEE 802.1X is an authentication standard that prevents unauthorized devices from being able to connect to a LAN network. It allows using the device in a network environment requiring high security.
WPA3 is the latest standard for wireless local network security. All devices with the Wi-Fi function use WPA3, protecting important customer information assets from data leaks and tampering.

・SNMPv3 (Simple Network Management Protocol version 3) SNMPv3 is a protocol for monitoring and controlling information on devices that supports encryption and authentication. SNMPv3 protects the device from unauthorized configuration changes and data leaks.