Print Audit Security
Scanning
- SNMP scanning is carried out solely within the internal network, via the standard SNMP port (UDP port 161).
- The Information Collection Engine (ICE) utilizes unicast transmission to communicate to each IP address within the configured scan range. Broadcast packets are NOT sent.
- If required, a community string can be specified within the ICE configuration.
Data Collection
- Print Audit’s server is located in a physically secure environment.
- Print Audit’s server is protected by a dedicated hardware firewall than prevents all external access, except that which is needed for Facilities Manager to operate.
- No security threat from external sources as only Facilities Manager is authorized to run on the server.
- The server is kept up to date with the latest security patches, system patches, and anti-virus updates.
- Server administration logins are restricted to a limited number of authorized personnel for routine maintenance procedures.
Data Storage
No user or personal data is collected using the ICE. Only the following information is obtained and transmitted to Print Audit’s secure server:
- Printer name, make and model
- Serial Number
- Location
- IP Address
- MAC Address
- Toner Levels
- Page Counts
- Status/Alerts (e.g. paper jam)
Data Transmission
- The ICE connects to Print Audit’s server via an outbound connection only. No reverse connection is made from Print Audit’s server to the ICE.
- HTTPS is the default send method in the ICE configuration window. This ensures the encryption of data during transmission using standard internet security protocols i.e. 128 bit SSL on TCP port 443. If HTTPS is unavailable, the ICE will utilize HTTP port 80 as the send method.
- HTTPS (128-bit SSL) is the same security in use by Internet banking and Online Vendors.
- The server delivers an acknowledgment that the data was received, however, no other data is sent back to the ICE during/after transmission.
Web Interface
All external access is through secure login (username and password) which can be restricted to single/multiple users. Advanced privileges can also be assigned to users.