1. Field of the Invention
The present invention relates to an image forming apparatus which is capable of making a user aware of a security policy violation, a method of controlling the image forming apparatus, and a storage medium.
2. Description of the Related Art
Personal computers (hereinafter abbreviated as “PCs”) and server apparatuses, such as a file server and an authentication server, which are connected to a network in an office or the like should desirably be operated in compliance with an information security policy (hereinafter simply referred to as “the security policy”) defined on an office basis.
The security policy is a basic policy concerning the information security of an entire company, and is a collection of policies as to the use of information and prevention of invasion from external apparatuses and leakage of information. The security policy is developed by an administrator in charge of security.
The apparatuses connected to the network in an office include not only the PCs and the server apparatuses but also peripheral apparatuses, such as image forming apparatuses. Recent image forming apparatuses come to not only simply print or transmit images, but also store image data and provide a file service function for the PCs, to thereby play the same roles as played by other server apparatuses connected to the network.
Further, recent image forming apparatuses have their application development environments made open to the public, and similarly to the cases of PCs and the like, applications developed by third parties are available.
Therefore, in order to maintain a safe and secure office environment, the image forming apparatus are requested to be operated in compliance with the security policy, similarly to the PCs and server apparatuses. To be compliant with a security policy is intended to mean that an image forming apparatus in an office complies with restrictions imposed on operation thereof in view of security so as to prevent unauthorized use thereof or leakage of information, e.g. by making user authentication absolutely necessary before it is operated by a user.
A system which manages image forming apparatuses by applying a conventional security policy thereto is provided with a security policy verification unit configured to detect a security policy violation by any of the image forming apparatuses.
Further, there has been disclosed a security policy compliance system configured to temporarily stop access to an image forming apparatus when the security policy verification unit detects a security policy violation thereby, so as to prevent the image forming apparatus from executing an operation against the security policy (see e.g. Japanese Patent Laid-Open Publication No. 2009-230178).
However, even when the security policy compliance system disclosed in Japanese Patent Laid-Open Publication No. 2009-230178 is provided, processes available without authentication can be executed.
Specifically, for example, even in an environment of an image forming apparatus where a security policy is applied, in a case where data for job execution is transmitted to the image forming apparatus from a PC via a network, some processes, such as LPR printing and RAW printing, can be executed without authentication.
In this case, even a job from a user who has violated the security policy applied to the image forming apparatus is executed if the job does not necessitate user authentication.
Further, it is impossible to notify the user that a security policy violation has occurred. That is, there is a security problem that in spite of using the image forming apparatus against the security policy, the user can continue using the image forming apparatus without being aware of the security policy violation.