When talking about data security, in general, there are two major print architectures supported by modern print/output management software. One is referred to as Direct IP printing, where the documents (print jobs) are created and sent immediately to a network printer, without the involvement of a print server and a spool. The other print architecture involves a print server that receives and stores print jobs on a spool before delivering them to the appropriate destination printers. This is referred to as server-based printing or spool-based printing. Each architecture offers a unique value proposition for a large enterprise environment and both present challenges for secure network storage of data.
For example, in many organizations most printing comes from users that create documents from a variety of personal computing devices such as traditional and virtual desktops, laptops, notebooks, tablets and smartphones so it is crucial to protect data in transit from these various devices. Some of these users work in large office environments while others work in remote, branch offices or from home. Because of network topology and bandwidth considerations, it makes sense to deploy a Direct IP print solution for remote locations to minimize WAN traffic, improve printer throughput, and eliminate the need for a local print server.
However, large enterprises also have mission-critical business applications that employees, partners, and customers depend on every day (e.g., ERP, SCM, CRM, EMR, etc.). These applications run on a variety of server platforms and create documents that must be delivered to the required hardcopy and softcopy destinations in the correct format. It is vital to protect data in transit and failure is simply not an option.
Securing your print queue
Having a secure print queue is critical since printing plays a key role in many business processes. A server-based print architecture is required to support important capabilities such as dynamic data transforms, retention of print files, rerouting of documents to an alternate printer, and providing IT staff with end-to-end visibility of the entire printing process. This requires a reliable, high-performance print spool, ideally running on a central server to minimize complexity.
Obviously, there is no so-called “data at rest” in the Direct IP print model because there is no spool. Or, is there? In the case of a Windows desktop, the print job is created locally and then immediately sent to the printer, assuming the printer is online and accessible over the network. If not, the print job is held until it can successfully print or is cancelled (deleted) by the user. If pull printing is used in conjunction with Direct IP printing, then print jobs must be held on the local desktop until the user authenticates at a device and releases them for immediate printing. Held where? A local desktop spool of sorts.
The net effect is that it is possible to have “data at rest” in the Direct IP printing model. However, since the user (and owner of local print jobs) had presumed-authorized access to the content in question, the potential security exposure would mainly come from an unauthorized third party that was able to access the contents in the event of a lost/stolen computer (e.g., laptop). The risk of leaving data vulnerable to unauthorized use can be greatly minimized or eliminated by implementing full-disk encryption across employee desktops (e.g., BitLocker for Windows systems).
Securing your Print Server
In the case of a print server with a spool, your business may deem it important to restrict or eliminate access to spool files while they reside on the print server. This includes print jobs awaiting delivery to a destination and also print jobs in held/retained status (e.g., error condition, pull printing scenario, etc.). Your IT organization can take several steps to minimize risk and eliminate security breaches in this area.
Some examples of ensure data security are as follows:
- Restrict spool file viewing privileges to a limited number of trusted IT administrators. This can be controlled by the print/output management software. For example, help desk personnel may have an operational requirement to see that user ”XYZ” has spool files (print jobs) waiting to be delivered to printer “PRT001.” However, help desk personnel likely do not need to view the contents of the spool files in order to perform their job responsibilities.
- Utilize any event logs generated by the print/output management software. These logs can contain useful information such as which authorized user viewed specific spool files. In the event of a security incident, this information can be useful to determine potential sources and eliminate security breaches.
- Leverage Encrypting File System (EFS) if you are running your print/output management software on a Windows server. With EFS, you can encrypt the folders used to store spool files (print jobs) while they reside on the server. It is possible to limit access to a single login user id, which the print software runs under. Since an IT administrator must set everything up, only that individual could see information in non-encrypted format. Similar file system encryption capabilities may also be supported on other OS platforms such as Linux.
- Utilize your print/output management software if it supports the encryption of spool files on the print server. You should be mindful that this functional capability may impact other features of your print/output management software. For example, it may affect the ability to accurately track and report printed pages; transform data from one format to another; or dynamically modify the contents (such as watermarks, timestamps, etc.). The print/output management software may be configured to support these functions by temporarily decrypting the spool files for a brief period of processing time.
In short, there are a few approaches to consider for secure network storage and protecting data at rest. Since many IT personnel are “trusted” to some degree, this may not be a high priority security concern for some organizations. Understanding what is possible can be useful when developing your print security strategy and not leaving data vulnerable to unauthorized use.