Information Security Articles and White Papers

Xerox Product Security Data Protection V10.0 (PDF 495.6K)
March 04, 2015
This document helps Xerox product users manage risks associated with image data stored on hard disk drives.

Multinational FreeFlow Core 40 Security Guides (zip archive 1.6M)
November 05, 2014
These Guides cover:

France (and Canada/French)
Netherlands, Belgium (Dutch)

UnZIP the file and choose the desired language.

User Guide For FFPS Software Update Manager Oct 2014 v1.0 (PDF 941.5K)
November 04, 2014
Shellshock Security Patch for X86
Guide for Using the FFPS Update Manager
October 2014
Version 1.0

On Sept 25th, media sources announced security vulnerabilities in the Bash shell software (aka Shellshock). Understandably, Xerox customers are concerned about these vulnerabilities.

Unix and Unix-derived systems like Linux and Mac OS X are vulnerable to these attacks since they use Bash as the default command shell. The FreeFlow Print Server (FFPS) includes the Solaris Operating System, which is potentially affected since it includes the Bash shell.

A document addressing this vulnerability and describing a tool for updating FreeFlow Print Server has been posted to the URL

Xerox App Studio V2.0 (PDF 2.8M)
August 28, 2014

FreeFlow Core Security Guide V1.0 (PDF 254.2K)
August 28, 2014

FreeFlow V9.0 Security Guide (PDF 733.3K)
August 28, 2014

Xerox Remote Services Security White Paper v1.0.10 (PDF 841.4K)
July 08, 2014
NOTE: This updated document describes the system components, interoperability, and features available for securing Xerox Remote Services within Xerox products. It is intended to serve as a guide for deploying Xerox Remote Services within a network environment.

Microsoft Windows XP End of Support: What You Need to Know V1.0 (PDF 90.6K)
April 04, 2014
This document details the Xerox Products affected by both the End Of Life of Microsoft Windows XP on standalone Digital Front Ends (EFI FIERY AND CREO) and Microsoft Windows XPe (XP embedded) controllers on CF devices.

FIPS 140-2 Validation Document V1.4 (PDF 50.1K)
March 07, 2014
NOTE: This is a new version of the document that includes the Xerox D95/D110/D125 Presses.

Xerox Remote Control User Interface Security White Paper
July 10, 2013
This document describes the Remote User Interface use and Security Features available on the new Xerox ConnectKey devices. The latest edition may always be viewed here.

Xerox Security Patch Criticality Ratings V2.1 (PDF 951.7K)
November 20, 2012
This document describes the Security Patch Rating system used for security patches to Xerox products (as of December 2007).

Xerox and Cisco Partnership Frequently Asked Questions
March 05, 2012
Xerox has received questions about the partnership between Xerox and Cisco and the security features this will add to Xerox products. We have compiled these questions and answers into a document. It can be accessed here.

ISO 27001 Security Certification (PDF 2.4M)
December 13, 2011
Xerox ISO 27001 Security Certifications
This document will detail the Xerox commitment to the ISO 27001 Security Certification, what it is, and the certification Plan-Do-Check-Act Process Model.

Xerox and Information Security (PDF 3.3M)
November 29, 2011
Information Security with Xerox Products
Protecting your data so you can focus on what matters: the success of your business or organization.

Security FAQs for Service Calls (PDF 779.1K)
November 14, 2011

WorkCentre Removable Hard Drive Brochure (PDF 199.9K)
September 15, 2011

Xerox Secure Print (PDF 582K)
April 05, 2011
Do you avoid printing private or confidential documents on workgroup devices? Now you can use Xerox® Secure Print to control the print timing of any document, without worrying about security.

Vulnerability Management and Disclosure Policy (PDF 194.8K)
April 01, 2011
This document details the process and policy used in discovery and remediation of vulnerabilities in Xerox software and hardware.

Internal Hard Drive File Security for Phaser Printer Models (PDF 1.3M)
June 23, 2010
This document details the types of data stored on the internal hard disk and describes how to use both the Secure File Overwrite feature and the Automatic File Deletion feature. It also contains instructions on setting security features. This document applies to a variety of Phaser models. For a complete list, see inside the document.

Meeting Security Standards Where it Counts Most (PDF 1.2M)
April 16, 2010
Security and the Federal Government.

Meeting Healthcare Regulations for Security & Privacy (PDF 658.2K)
April 16, 2010
Security and the Healthcare Industry.

Xerox Secure Access Unified ID System (PDF 2.2M)
April 16, 2010
This brochure describes how Xerox devices can use your existing access control magnetic or proximity cards to allow access to Print, Copy, Scan, and Fax. Gain flexibility with Follow-You printing while also saving user time. See how your unique ID card may be able to open more than the front door.

Xerox and the P2600 Security Working Group (PDF 359K)
April 16, 2010
This document describes how Xerox has been working with the IEEE from the start to help author and comply with the P2600 Security specification. Now that the standards are written, see how this benefits our customers.

Ensuring Security on the Network (PDF 196.2K)
April 05, 2010

Use of CA-signed Digital Certificates for Better Security (PDF 38.6K)
March 16, 2009
This document describes a solution to prevent exploit of a vulnerability in the MD5 algorithm that can affect WorkCentre® and WorkCentre Pro® devices. This vulnerability could allow attackers to create forged X.509 certificates to use in phishing attacks or impersonating legitimate sites.