Oce VarioPrint 1055 System Administrator Manual - Assumptions
Assumptions
Introduction
The following assumpions focus on the organisation where the Océ product and the DAC
is located and describe the environment, the security policy, the users and their behaviour.
Océ products
It is assumed that the DAC is attached to an:
■
Océ VarioPrint
®
1055, 1065, 1075 machine, or
■
Océ VarioPrint
®
2062, 2075 machine.
Security policy
It is assumed that the organisation will have a security policy governing the use of IT
products by employees in the organisation.
The security policy describes and requires a low to medium level of assurance (Common
Criteria Evaluation Assurance Level 2) for the DAC.
It is assumed that the network to which the DAC is attached is protected by security
measures that are intended to prevent malicious programs, viruses and network traffic,
not related to the working of the operational environment, entering the network to which
it is attached. Although the virus database files and various patches are kept up to date,
the policy recognises that new threats emerge over time and that occasionally they may
enter the environment from outside and provides measures to help limit the damage. The
policy will define how IT products are protected against threats originating from outside
the organisation.
The employees of the organisation are aware of, are trained in and operate according to
the terms and conditions of the policy. The policy also covers physical security and the
need for employees to work in a security aware manner including the usage of the DAC.
Environment
It is assumed that the operational environment of the DAC is a regular office environment.
Physical access to the operational environment is restricted. The environment contains
non-threatening office personnel (local users, remote users, remote system administrator,
Océ service engineer). A “thief” is only rarely present in this environment and not on a
recurring base.
Chapter 1 - General information
7
Assumptions