Electronic Data Discovery

If you are smart, you’ll prepare for the event that you might need to be ready for electronic data discovery.

I read an interesting post at Computer World. Robin Harris wrote a post called the Two-minute guide to Electronic Data Discovery. iStock_000000665423Small There is some pretty interesting points in there that I believe everyone responsible for data in a business should understand. I think that this is a prime example of how IT and business managers really need to work together to be ready for eventualities in business especially when it comes to document management policies.

One thing that struck me was that it is not IT responsibility to define data retention or destruction strategies. She made three important points:

  • Your company’s lawyers and record management folks are responsible for setting electronic data retention policy - not IT
  • IT must take the lead, working with policy makers, in architecting an economic and effective infrastructure to ensure compliance
  • IT needs a documented process whose ownership lies outside IT for unscheduled data destruction - such as when a VP wants all their emails to a client deleted - and staff must be trained on it.

Toshiba America Business Solutions Inc. Honors a Record 87 National and International Dealers with the 2008 ProMasters Service Award

IRVINE, Calif. --(Business Wire)-- Mar. 19, 2008 Toshiba America Business Solutions Inc. (TABS) proudly announces the recipients of its annual ProMasters Service Award and Top Achievement Award, recognizing technical support and customer service excellence among its network of office equipment dealers during the 2008 Toshiba National Dealer Meeting. The ProMasters Program, along with its Service Award, were developed by TABS in 1992 to consistently ensure the highest standard of technical expertise and customer service in the industry for both independent and company-owned dealers.

"At Toshiba, we fundamentally expect our dealers to deliver superior levels of customer satisfaction, and the ProMasters Program provides us the opportunity to publicly recognize and celebrate these successes," said George Colborn, vice president, Service, TABS. "Toshiba maintains that outstanding customer service yields a superior customer experience - and the fact that the number of ProMasters Award recipients keeps increasing means the number of well-served Toshiba customers grows as well."

Canon MFPs Vulnerable to FTP Bounce Attack

By Ryan Naraine The vulnerability affects 20 Canon multifunction printers and could allow remote attackers to redirect traffic to other sites via the PORT command. Researchers at Indiana University have raised an alert for a difficult-to-fix vulnerability affecting certain Canon Multifunction printers. The flaw, which affects about 20 different Canon MFP models, could allow remote attackers to redirect traffic to other sites via the PORT command. This issue is known as FTP bounce and is related to an old issue in FTP servers that lets remote attacker to connect to arbitrary ports on machines other than the FTP client. According to the Indiana University advisory, the following Canon products are affected:
  • imageRUNNER 2230/2830/3530
  • imageRUNNER 3025/3030/3035/3045
  • imageRUNNER 2270/2870/3570/4570
  • imageRUNNER 5070/5570/6570
  • imageRUNNER 5050/5055/5065/5075
  • imageRUNNER 8070/85+/9070/105+
  • imageRUNNER 7086/7095/7105
  • Color imageRUNNER C3220/2620
  • Color imageRUNNER C2880/3380
  • Color imageRUNNER C2550
  • Color imageRUNNER C4080/4580/5180/5185
  • Color imageRUNNER LBP5960
  • Color imageRUNNER LBP5360
  • imageRUNNER C3170
  • imageRUNNER C5800/6800
  • imageRUNNER C5870U/6870U
  • imageRUNNER C5058/5068
  • imageRUNNER LBP3460
  • imagePRESS C7000VP
  • imagePRESS C1
Canon has acknowledged the issue in an alert (PDF) that warns that an attacker may be able to scan networks that are not otherwise accessible. "An attacker may also be able to conceal the true origin of a port scanning attempt," Canon said, noting, however, that information in the network host cannot be obtained via the affected printers. Nate Johnson, the lead security engineer at Indiana University who reported the issue to Canon, said the available firmware updates that fix the vulnerability "are not user-installable." "[Patching this] requires a service-technician call from a local Canon Authorized Service Dealer," Johnson said. As a temporary mitigation, Johnson recommends: Disable FTP printing:
  • Navigate to Additional Functions -> System Settings -> Network Settings -> TCP/IP Settings -> FTP print.
  • Set FTP print to OFF.
Protect FTP printing with username/password credentials:
  • Navigate to Additional Functions -> System Settings -> Network Settings -> TCP/IP Settings -> FTP print.
  • Set "user name" and "password" for the FTP print functionality.
"Additionally, best practices suggest that access controls and network firewall policies be put into place to only allow connections from trusted machines and networks," Johnson said. .......................................................................................................... This article was originally published from eWeek and can be found at their site. does not hold the copyright of this article.
Syndicate content