Rule ID
SV-7030r1_rule
Version
V2R15
CCIs
If the hard disk drive of a MFD can be removed from the MFD the data on the drive can be recovered and read. This can lead to a compromise of sensitive data.<br /><br />The IAO will ensure the device has a mechanism to lock and prevent access to the hard disk.
The reviewer will, with the assistance of the SA, verify that the device has a mechanism to lock and prevent access to the hard disk.<br /><br />What we are looking for here is a locking mechanism with a key securing the hard drive or the case access to the hard drive. The lock will be locked or this is a finding.<br /><br />Note: This is not required if physical security measures are in place, if the drive is not easily removable, if drive is encrypted, or if there is zeroization or other strong protection mechanism.
If the lock is not locked, lock it.<br /><br />If there is no lock see if the vendor makes one and if so acquire it an lock the drive.<br />If the vendor does not supply a lock, acquire an aftermarket lock that will secure the drive so that it cannot be accessed. Even a drive that cannot be removed but the connectors can be removed is vulnerable.<br />