NIST announces the release of Draft NIST Interagency Report (NISTIR) 8023, Risk Management for Replication Devices. For the purposes of this NISTIR, replication devices (RDs) include copiers, printers, three-dimensional (3D) printers, scanners, 3D scanners, and multifunction machines when used as a copier, printer, or scanner.
RDs are found throughout most organizations and are components included in many information systems. NISTIR 8023 provides guidance on protecting the confidentiality, integrity, and availability of information processed, stored, or transmitted on RDs. Appropriate countermeasures in the context of the System Development Life Cycle are suggested. A security risk assessment template in table and flowchart format is also provided to help organizations determine the risk associated with replication devices.
As always, we look forward to your feedback during the public comment period.
Comment period CLOSED on: October 17, 2014. Questions? Send email to: email@example.com