Security Information

Links on this page will direct you to the Xerox site for known security vulnerabilities. If you find your product listed on this page with a known security issue, please contact our Customer Care Center at 1.888.374.8148 to determine if an update is available. If your unit is not already patched to a level that addresses the security threat and a patch is available, an MBM representative will update your device.

Prior to delivery of your new machine, MBM will set the device admin password at your request. If you would like to change the admin password after delivery, our Customer Care Center representative can provide you with information on how to do this. Please be aware, our service technicians will need this password to provide service and support to your machine. Please do not set your password as something you can’t share with your service technician.

Xerox Security Website

Device Security for Returned MFDs

The security of information and data saved or stored on the hard drives of machines that are sold or leased by MBM is the responsibility of the customer. We strongly recommend that our customers take steps to ensure that the security of sensitive information is not compromised, and we encourage our customers to initiate an HDD format while still in possession of the system.

MBM can provide assistance to customers in their efforts to reduce the risk of a security breach involving data stored on the hard drives of MBM-sourced units in situations where leased machines are turned back in to MBM and/or when machines are traded in to MBM on a new purchase or lease transaction. On all MBM-sourced units that are traded in to MBM with a clear title or that are returned as the property of MBM, we will erase the document storage, including address books and mailboxes, using HDD format, as soon as practicable, usually within 24 hours of receipt of the unit in our warehouse. There is no charge for this service; however, the customer should be aware that while erasing the hard drive does reduce the risk of a data security breach, it does not completely eliminate that risk.

Alternatively, and as a means of ensuring better control over the security of stored data, the customer may have MBM remove the HDD so that the customer may retain it and the data stored on it within its possession, custody or control. At the written request of the customer, the HDD unit will be removed from the equipment upon its return to MBM’s warehouse. The HDD unit will then be shipped to the customer, typically within 72 hours of its removal from the MBM-sourced unit. This will be a chargeable service at a rate determined by MBM.

If the customer prefers, MBM will remove the HDD at the customer site, at the customer’s request, as a time and materials service. MBM offers several device security options that will provide data security throughout the life of the product and we encourage use of these options where security is of concern.

For units branded other than Xerox, Kyocera, Canon, or Samsung, MBM is not able to assist the customer as described above. It is the customer’s responsibility to make alternative arrangements for safeguarding the security of sensitive data.

Device Security Policy and Hard Drive Removal Request Form (464K PDF)