5 FAM 1320
DEPARTMENT COPIERS (DOMESTIC)
(CT:IM-196; 07-17-2017)
(Office of Origin: A/GIS/GPS)
5 FAM 1321 GENERAL
(CT:IM-107; 06-09-2009)
5 FAM 1321.1 Purpose
(CT:IM-93; 10-22-2007)
The policy in this subchapter governs and applies to all
copiers within the Departments domestic facilities. Overseas applications are
covered by 12 FAH-6, Overseas Security Policy Board Standards.
NOTE: Digital copiers are automated information system
(AIS) equipment. See 5 FAM 910 and 12 FAM 600
for additional acquisitions policies and AIS security requirements.
5 FAM 1321.2 Definitions
(CT:IM-107; 06-09-2009)
For purposes of 5 FAM 1320, the
acronym CMP will refer to the Copier Management Program administered by the
Office of Global Publishing Solutions (A/GIS/GPS).
5 FAM 1322 PROCUREMENT and REplacement
(CT:IM-196; 07-17-2017)
a. The A/GIS/GPS Copier Management Program will supply
copiers from a limited number of manufacturers to reduce costs and service
time.
b. The Information Technology Change Control Board (IT
CCB) must approve any copier, associated diagnostic equipment such as PDAs and
laptop computers, and any related software if it will be attached to a
Department network. A list of approved hardware and software is available on the
IT CCB Web Site.
c. Offices/bureaus requiring that copiers be attached
to a Department network are responsible for purchasing, maintaining, and
obtaining IT CCB approval for any diagnostic equipment, such as PDAs and laptop
PCs used on those copiers. Such equipment may not be used for any other purpose.
One piece of diagnostic equipment may support multiple copiers at the same
level (e.g., SECRET or unclassified), but may not be used for different levels.
d. Diagnostic equipment must be classified and
appropriately marked at the highest classification of the information processed
on the copier equipment on which it is used.
e. No copiers will have remote diagnostic capability,
facsimile, scanning or other modem features enabled. Vendors must provide
written certification that all remote diagnostic capabilities have been
disabled.
f. Bureaus may require copier replacement before the
termination or renewal of their CMP contract. If a bureau replaces a copier(s)
before the termination or renewal of its CMP contract, the bureau will incur
the cost (including any termination fees) of upgrading the existing copier or
procuring a new copier that conforms to the requirements in this subchapter.
g. If a bureau wishes to obtain a copier outside the
CMP, the bureau must first obtain an exception from the A/GIS/GPS Copier
Management Program. The exception request must include Form DS-1863, Request
for Acquisition of a Photocopier, and a justification memo explaining the
reason(s) for the request. Submit the paperwork to A/GIS/GPS, and, after
review of the paperwork, CMP will notify you of the outcome. If an exception
is granted, the exception is for the duration of the lease or a maximum of 5
years (whichever is less). Each lease renewal will require a new exception
request submission. The bureau will be responsible for maintenance, supplies
and support of the non-CMP copiers. Bureaus must not connect a non-CMP copier
to the Departments network.
5 FAM 1323 MAINTENANCE
(CT:IM-93; 10-22-2007)
a. The bureaus information systems security officer
(ISSO) or system administrator must disconnect a copier from the Departments
network prior to connecting diagnostic equipment required to service or perform
maintenance on the copier.
b. Uncleared copier technicians may service
unclassified and SBU copiers that are not connected to the Departments
networks; however, such personnel must be escorted by a Department employee
having at least a Secret clearance. The escort must:
(1) Inspect the copier to ensure no hard copies are
present before a maintenance visit occurs;
(2) Inspect the copier for any security anomaly (see 12 FAM 091 for
security anomaly definition), after the visit. If the escort suspects an
anomaly, he or she must immediately report this information to the ISSO; and
(3) Ensure uncleared maintenance personnel are not
allowed to remove replacement hard drives or circuit boards from the
Departments possession.
c. Security clearance requirements for classified
copier maintenance personnel are outlined in 5 FAM 1325.
d. All copier maintenance personnel must have a
permanent Department-provided identification card bearing their security
clearance level/status. This card must be worn visibly at all times while
on-site. Visitor identification cards will not be issued, except in cases of
extreme emergency.
5 FAM 1324 USE, configuraTION, AND
DISPOSAL OR REMOVAL OF DRIVES
(CT:IM-196; 07-17-2017)
a. After a CMP copiers 5-year contract term has
expired, the CMP will replace the copier.
b. When any copier is removed from inventory (i.e.,
through excess property disposal, donation, or is returned to the lessor), the
removing official must dispose of the hard drive in accordance with 12 FAH-10
H-262.5 unless the hard drive will be
reused. Classified hard drives may not be reutilized in an unclassified
environment.
c. Bureaus must submit monthly meter readings to the
CMP via e-mail (GPSCMP@state.gov). If customers do not submit the readings,
CMP will estimate usage for that month. If customers are unable to submit
readings for the second or any succeeding months, A/GIS/GPS will send staff to
the copier to read the meter but must charge for this additional service.
d. A network copier must be configured to authenticate
individual users on Active Directory or allow for individual user account
logons. Authentication is necessary to comply with Department network
requirements (e.g., collecting network activity and auditing that are logged on
the copiers hard drive). (See 12 FAM 600
for AIS auditing requirements.)
e. Copier owners must ensure that if a copier has
wireless capabilities and/or radio frequency (RF) transmitters, these
capabilities are disabled. (See 5 FAM 580,
Wireless Information Technology.)
f. Copiers not meeting the requirements in 5 FAM 1325 may
only be used for unclassified and SBU processing and must be prominently marked
This Copier Authorized for Unclassified/SBU Processing Only prior to
issuance.
5 FAM 1325 ADDITIONAL REQUIREMENTS FOR
COPIERS USED FOR PROCESSING CLASSIFIED INFORMATION
(CT:IM-107; 06-09-2009)
a. Classified material may only be reproduced on those
machines under the continuous control of cleared U.S. personnel that have been
designated by the bureau security officer or unit security officer as
authorized for classified processing. Such copiers will be prominently marked
This Copier Authorized for Classified and Unclassified Processing:
(1) This means any machine located inside an office or
suite of offices that is locked after normal business hours and is restricted
from public access during hours of operation. Machines under continuous
control of cleared U.S. personnel generally encompasses any machine located
inside an office or suite of offices that is locked after normal business hours
and is restricted from public access during hours of operation;
(2) To review the Departments policy regarding the
reproduction of classified material, see 12 FAM 536.10.
b. Digital copiers must have a removable hard drive or
volatile memory, unless they are located in a workspace where there are 24/7
cleared employees within the immediate area at all times. Removable memory
must be secured in an approved storage container after work hours.
c. Upon termination or renewal of a CMP contract,
digital copiers that are to be installed in a workspace where cleared employees
are not present in the immediate area at all times and there is no alarm system
must be replaced with copiers that have removable hard drives or volatile
memory.
d. Copiers must be located in areas that are locked
after work hours. If there is no cleared building guard service, then the
areas must also be alarmed with entry door sensors and general motion sensor
coverage after work hours.
e. Multiple port copiers must not be attached to more
than one Department network.
f. The servicing technician must have a security clearance
at the same level as the material that may have been processed using the
installed hard drive. A technician without a security clearance, or one with a
lower level clearance, may service a standalone copier or copier that has been
disconnected from the network, provided:
(1) If a maintenance hard drive is used (i.e., the
hard drive used for classified reproduction is not accessible to the
technician);
(2) The technician is escorted by a systems
administrator cleared to at least the SECRET level;
(3) The escort inspects the copier to ensure no hard
copies are present before a maintenance visit occurs;
(4) After the visit, the escort must again inspect the
copier for any security anomaly (see 12 FAM 091 for
security anomaly definition), and, if the escort suspects an anomaly, he or she
must immediately report this information to the ISSO.
g. CMP or the owning or leasing bureau must inspect
and/or supply new or replacement service parts. Cleared technicians must
deliver all replaced service parts to A/GIS/GPS or the owning bureau for
appropriate disposal as noted in 5 FAM 1325,
paragraph j.
h. A/GIS/GPS or the owning bureau must remove hard
drives from copiers removed from the Departments possession, such as through
excess property disposal, donation, or return to the lessor; or when the copier
is moved from an area authorized for classified processing to an uncontrolled
area. Removable hard drives must be disposed of as noted in 5 FAM 1325,
paragraph j, unless the drive will be reused in another classified copier.
i. Classified copiers with non-removable hard drives
or non-volatile memory must have those components removed before the digital
copiers leave the Departments possession.
j. A/GIS/GPS or the owning bureau must safeguard all
classified hard drives removed in the above circumstances, in accordance with 12 FAM 632.1-9,
as classified material and send them to the Office of General Services
Management, Special Services Division (A/OPR/GSM/SS) for classified destruction
when no longer needed.
5 FAM 1326 THROUGH 1329 UNASSIGNED