PrinterLogic Secure Release Printing Now Works with Kyocera Multifunction Printers

PrinterLogic is pleased to announce the release of an all-new Control Panel Application (CPA) for select FS, TASKalfa, and ECOSYS series multifunction printers from Kyocera. The introduction brings to 10 the total number of MFP brands supported by our SaaS and Virtual Appliance platforms for secure printing.

The Kyocera CPA follows our recent announcement of the PrinterLogic Fuji Xerox CPA and will come as equally welcome news to customers in the European and Asia-Pacific regions, where Kyocera is especially popular.

The PrinterLogic app installs directly on the printer and provides a flexible secure-printing experience for IT administrators and end users alike. PrinterLogic’s Kyocera CPA will work with any printer running Java VM version 1.4 subset and above—including models such as the FS C8525MFP, TASKalfa 6052ci, and ECOSYS M3540idn. 

You can view the full list of supported models here.

The PrinterLogic Kyocera CPA is built entirely on our second-generation CPA platform, which leverages the rich capabilities of our cloud-native SaaS printing solution to provide a more seamless and more secure experience across multiple printer models and brands. Kyocera vetted and approved the CPA prior to release.

New Advanced Security Bundle supports 90+ percent of the commercial MFP market

With this addition, PrinterLogic’s SaaS and Virtual Appliance platforms now support ten major network printer brands, representing well over 90 percent of the commercial multifunction printer market. Secure Release Printing is available as part of the PrinterLogic Advanced Security Bundle, introduced in January.

Secure Release Printing—also known as pull printing or “follow me” printing—ensures that the user who initiates the print job is physically standing at the printer before the output appears in the tray. This approach helps protect confidential information and reduces waste caused by redundant or abandoned print jobs.

New app uses PrinterLogic’s latest SSO and IdP support technology

The new CPA employs core PrinterLogic technology that supports Single Sign-On (SSO) protocols. Users authenticate one time to access any app or function on that printer. Once the user authenticates on the printer, PrinterLogic’s app employs a “listener” mode and allows them to release held documents without signing in again.  

The new app features an intuitive touchscreen interface that gives users four choices for proving their identity. These include badge swipe, smartphone release with QR code support, UserID/PIN, and conventional Username/Password login credentials. PrinterLogic supports Microsoft Active Directory and leading cloud-based Identity Providers (IdPs) such as Okta, Azure AD, Google Identity, Ping, and more.

How it works: Secure Release Printing workflow for users

Once network printers are configured for either pull printing or secure printing, the user workflow proceeds as follows:

  • First, a user prints from their workstation as usual, and the print job is held securely on the workstation until the user goes to the printer to retrieve it. 
  • At the printer, the user swipes their badge or authenticates using any of the available methods. All held print jobs appear on the printer’s screen. Users simply pick the job or jobs they want to print. Or, users can delete jobs they no longer care about.
  • With the pull-printing option, a universal driver is used. That means users can decide which printer they want to use after initiating the print job.

Secure printing ensures that confidential documents get into the right hands and aren’t left sitting on a printer tray to tempt prying eyes. In addition, these methods do away with abandoned print jobs and wasted consumables. For more details, see our Secure Release Printing feature page.

In addition to secure printing, PrinterLogic offers many other security features:

  • PrinterLogic eliminates print servers, each of which is a repository for thousands of confidential documents and is vulnerable to an attack.
  • PrinterLogic has passed the AWS Well-Architected Review and inherits all of the benefits of AWS Cloud Security.
  • PrinterLogic uses centrally-managed direct IP printing to keep jobs local. Printing continues even if your internet connection goes down.
  • PrinterLogic automatically logs document name, print source, print destination, and authenticated username for audit tracking and data-loss prevention.
  • PrinterLogic’s architecture complies with strict U.S. government standards (FIPS 140-2, with 140-3 compliance pending).
  • PrinterLogic supports multifactor authentication, including CAC/PIV-enabled release printing on any network printer.

A true SaaS solution that eliminates all print-related infrastructure

Unlike some “cloud-optimized” print management software, PrinterLogic is a true, multi-tenant SaaS offering. It’s not a cloud-hosted shortcut that leaves you stuck with server licensing, configuration, and maintenance. Automatic updates ensure you have the most current and reliable solution possible—backed by a guaranteed service-level agreement.

Solving Your Business’ Top Five Security Concerns: Part III

This is the third and final post in a series covering five main security concerns and how PrinterLogic addresses them. And as I said at the end of my second post, this one might even be the most important.

It’s about cyberattacks.

It wasn’t all that long ago that cyberattacks seemed like a peripheral threat. Sure, there were always script kiddies knocking at the door, and once in a while, you’d see something serious emerge with the media educating us on a widespread vulnerability that was ripe for exploitation. But on the whole, as long as your software was reasonably up to date, you weren’t biting your nails every time a device connected to the Internet.

How times have changed.

The rate of what is arguably the most public-facing form of cybercrime, malicious e-mails, soared 600% during the pandemic. However, according to a survey by McAfee for its 2020 report The Hidden Costs of Cybercrime, the less visible threats of malware and spyware now pose the biggest financial risk to organizations. Cybercrime Magazine has predicted that global cybercrime costs will amount to $10.5 trillion USD annually by 2025 — up from $3 trillion in 2015.

In short, cybercrime is a money maker. Malicious actors are now more organized, savvy, and mobilized than ever. They’ve grown bolder and more sophisticated.

With cyberattacks, it’s no longer a matter of if. It’s a matter of when. Software is developed, installed, configured, and used by humans—so it’s never going to be impervious. And unfortunately, there are a lot of other humans who will seize any chance they get to exploit a chink in the armor. Of the 1,500 companies included in McAfee’s report, only 4% had managed to avoid some form of cyber incident in (pre-pandemic) 2019.

Every organization is going to feel the sting at some point. 

The good news is your hands aren’t tied. There are solutions. Cybercrime mitigation and prevention are already baked into the way companies like ours are delivering and maintaining software in the SaaS era.

Classic software models used a more protracted release cycle. You’d install a software solution on-prem, often taking a wait-and-see approach to gradual updates that enhanced functionality or plugged security holes. The typical cycle was measured in months or even years.

But then news of an exploit would emerge. CVE-1234 could enable a user to gain control of the entire network by printing a black-and-white document in color! Then it was a race to adjust settings, disable functionality and limit access in the immediate term while you waited weeks and weeks for a patch to arrive. PrintNightmare, which I addressed in the “Attack Surfaces” section of this post series, is an obvious example of the drawbacks of this old-school approach.

Cloud-native SaaS solutions like PrinterLogic, by contrast, are both more proactive and more responsive. They’re constantly being updated behind the scenes to pre-empt possible exploits and close existing loopholes. It’s like getting into your car every morning with the knowledge that it received a full tune-up, comprehensive safety inspection, and performance upgrade sometime during the night.

Our SaaS platform saw a record-breaking number of code deployments in April 2022 alone. During that month, we issued rolling updates that improved functionality or addressed potential security gaps about one hundred times a day.

And here’s the best part: Once those deployments become common code, every single one of our SaaS customers is updated at the server level. There’s no more damage control followed by a long, anxious wait for a security patch that IT then has to apply across the board. Instead, vulnerabilities can be addressed universally in a matter of hours.

We’re also working on some exciting functionality that will further capitalize on the advantages of this architecture. In the future, every software component that’s part of the PrinterLogic solution—from agents to clients—will be able to receive automatic rolling background updates.

Agility like that is how you manage cyberattacks. It’s also how PrinterLogic’s modern SaaS approach saves time, headaches, and costs several times over.

Summary

In this three-part series, I’ve covered five security-related topics that are of prime importance to C-suite executives and IT departments:

  • Minimizing the attack surface
  • Protecting data
  • Embracing Zero Trust
  • Safely supporting remote work
  • Mitigating cyberattacks

I’ve also shown how each of these intersects the print environment, and how PrinterLogic fits into the equation—and even changes the rules of the game. Between our serverless, SaaS platform and our new Advanced Security Bundle, we solve the most pressing security issues.

We achieve this through capabilities such as:

  • Eliminating and consolidating print infrastructure
  • Offering concurrent support for leading IdPs
  • Multifactor authentication (MFA)
  • Secure Release Printing with easy badging
  • Smartphone print release with QR codes
  • Role-based access control
  • Off-Network Printing for remote workers
  • Automatic and timely SaaS updates

Of course, there’s a lot more to the PrinterLogic solution. We streamline printer and driver management, cut print-related help desk calls by allowing users to install printers on their own, and offer three bundles to further extend PrinterLogic’s functionality, including Advanced Security, Cost Management, and Output Management.

Solving Your Business’ Top Five Security Concerns: Part II

This is the second in a three-part series of blog posts discussing five security concerns that are top of mind for today’s CIO or IT director. 

My first post examined attack surfaces and data protection as a jumping-off point. This post will expand on that by delving into Zero Trust and remote work—two very recent trends that are not only deeply intertwined but also, like the others, heavily dependent on the print environment.

Identity Process Diagram

Zero Trust

Zero Trust is a computer security concept that first appeared in 1994, yet it didn’t start seeing mainstream adoption for another two decades. Basically, the name says it all. In a Zero Trust environment, the assumption is that every device is potentially compromised. To keep those devices contained, there should be multiple authentication mechanisms and access control policies in place for users as well as their machines.

That’s a tall order—very simple in theory, a lot messier in practice. As a result, you have a lot of IT leaders asking themselves and their teams, “How do we get to Zero Trust while still keeping all the essential pieces of our IT puzzle?”

Printing has historically been one of the trickier pieces. After all, the very concept of printing is a holdover from the analog world of ink and paper. Its primary purpose is to turn what we see on our screen into something we can hold. Maybe that’s why it sometimes feels like there are light years separating today’s print environment from modern cloud computing where the user’s location is fluid.

So, when you’re talking security best practices, maybe the question is better phrased like this: How can a technology with such a classic pedigree as printing be modernized for the era of cloud-based Zero Trust models?

The starting point is authentication.

First, you’ve got to get single sign-on (SSO) in place. You can think of SSO as the one-stop shop for users to sign in to all their cloud services at the same time. SSO works hand-in-hand with—but is also distinct from—the identity provider, or IdP. The IdP is the data store for digital identities and functions like a guest list. If you’re not on the list, you don’t get in.

What makes IdP different from traditional authentication is that it’s not limited to individual users. In keeping with the Zero Trust philosophy, IdP also verifies apps, devices, and any other entity that wants to connect to the network.

The second step is multi-factor authentication (MFA). It’s designed to double (or even triple) check the validity of any authentication process—similar to presenting your passport after showing your driver’s license. One everyday example of MFA is the SMS verification codes you receive when logging into websites. Enterprise-grade systems are naturally more varied and robust.

For the third and final step, you’ll need to implement adaptive identification. This is a context-based security concept that emerged in response to mobile device adoption, and it’s taken on more importance during the global shift to remote work. In simple terms, adaptive ID means, “I’m going to trust you a lot more if you’re working out of your home office than if you’re in the local coffee shop.” At home, you might be able to go for days without re-authenticating. At the coffee shop, it will be much more frequent.

All of this is difficult—if not impossible—to apply to the traditional print environment. That’s why PrinterLogic, as a cloud-native SaaS solution, creates a bridge between the two. Our core platform supports all major IdPs, including Okta, Azure AD, Google Identity, and seven more. We tightly integrate with industry standards like Security Assertion Markup Language (SAML), System for Cross-domain Identity Management (SCIM), and OpenID Connect (OIDC) to update and authenticate principals and authorize access to printers.

In short, before a print job can come through, PrinterLogic makes sure the user and device are thoroughly vetted.

And as far as admin tasks go, PrinterLogic’s role-based access control (RBAC) lets you limit the scope of access while also delegating more responsibility to power users. You can even let users install printers themselves without worrying about them doing anything beyond that. So you get granular security and fewer support calls.

There are two more important aspects of Zero Trust that are worth mentioning here. One involves shrinking your network. The other has to do with conducting ongoing audits.

Both of these are also addressed with our core PrinterLogic platform.

As I detailed in the previous post in this series, PrinterLogic was designed from the outset to eliminate infrastructure—namely, print servers. That doesn’t just minimize your attack surface. It also shrinks your network: fewer devices, less exposure, less to keep tabs on and lock down.

In addition, PrinterLogic’s core platform includes powerful auditing capabilities. From end-user print activity to admin configuration changes, you can see exactly who did what, where, and when. That rich oversight, coupled with PrinterLogic’s authentication and access control, creates a secure print environment that supports Zero Trust policies.

Remote Work

These days, any conversation about Zero Trust is incomplete if it doesn’t tie into remote work.

Coming off the heels of the COVID-19 pandemic, some form of remote work—or its close cousin, hybrid work—is widely acknowledged as the workplace standard going forward. A recent survey we conducted revealed that over 80% of our customers envision their employees in remote or hybrid work models for the foreseeable future.

Generally, many of the same technologies that are enabling Zero Trust are also key to hardening the security around remote work. These include the cloud-based IdPs, MFA, auditing, RBAC, and other protocols and practices I laid out above.

But let’s look at things from the remote user’s point of view.

For this, I’d like to use an example that we featured during a recent live demo. We had an employee named Greg sitting by the pool on top of a hotel downtown. He was connected to the hotel’s Wi-Fi, enjoying some downtime, checking the headlines and his social media feeds on a mobile device.

Then he realized he needed to print a document back here at the office. The printer, of course, was connected to our corporate network.

Think about all the moving parts involved in that device chain. How in the world does Greg print without resorting to all kinds of inconvenient network acrobatics? And more importantly, how does he do it securely?

This is where PrinterLogic’s Off-Network Printing plays a huge part. Using this feature in our new Advanced Security Bundle, Greg was able to remotely print a job from his personal mobile device to an in-house printer with a tap or two. PrinterLogic handled all the authentication and access control along the way, even if that involves concurrent IdPs. Plus, PrinterLogic TLS encrypted the print job from end to end to safeguard against interception.

As far as Greg is concerned, all this was as simple as printing from an in-house PC. Maybe even simpler. He stays productive when he’s offsite, and his print data stays secure. A win-win.

It’s not hard to envision how this would apply equally well in a hoteling or desk-sharing scenario. Then add PrinterLogic’s built-in location-aware functionality to those possibilities. This feature set can determine where a user or device happens to be, based on criteria like their IP address. In other words, if a hybrid user sits down at a new desk in a new building, they can automatically be associated with a nearby printer and even have it auto-install on their compatible device.

And we have some amazing technology in the works that will make it easier for guests, freelancers, and hybrid workers to print securely without even having to interact with a standard print dialogue. When they want to print, they’re simply taken to a PrinterLogic portal page where they can upload their file. That assigns them a unique identity. They can then walk over to the printer, enter the temporary ID, and tell the printer to release the job. That’s it: totally serverless, clientless, and driverless.

We’re also working on more robust offline printing capabilities. This is useful in scenarios where a remote user prints a job to the in-house corporate printer for later retrieval. Let’s say they send the print job from their mobile phone at home, then come into the office the following day without their phone. They’ll still be able to release the waiting print job simply by swiping their badge. This PrinterLogic feature already works with Windows endpoints, and our plan is to make it fully OS-agnostic—like everything else in our solution—in the near future.

Next Up

Here we’ve looked at how PrinterLogic modernizes the print environment for Zero Trust and remote work—two interconnected security and workplace trends—through concurrent IdP support, MFA, comprehensive auditing, Off-Network Printing, and much more.

That still leaves one other topic I’d like to cover. From a data security standpoint, it may even be the most urgent: Cyberattacks.

In the final blog post of this series, we’ll lay out why the standard print environment remains vulnerable to cyberattacks and how the other four factors we’ve covered so far play a role in that. Better still, we’ll also look at straightforward, cost-effective ways to thwart these threats.

Solving Your Business’ Top Five Security Concerns: Part I

Whether you’re a small business with 100 employees or a multinational enterprise with a workforce of 10,000, you have a shared priority: safeguarding the security of your network.

There’s good reason for that. According to reporting from Harvard Business Review, ransomware attacks rose by 150% between 2019 and 2020, and that deeply worrying trend shows no signs of stopping. Mission-critical security exploits like Log4j and PrintNightmare are cropping up every couple of months. And with the shift to remote and hybrid work, organizations are scrambling to plug newly visible gaps without inconveniencing their end users.

This series of blog posts will look at five security concerns that are top of mind for today’s CIO or IT director:

  • Minimizing the attack surface
  • Protecting data
  • Embracing Zero Trust
  • Safely supporting remote work
  • Mitigating cyberattacks

All of these security concerns intersect in the print environment. That’s not just something we’re saying as a printing solution provider. It’s what our customers are telling us day in and day out.

With that in mind, these posts will also discuss how PrinterLogic’s core solution and our new Advanced Security Bundle solve these pressing and emerging challenges.

In this post, we discuss how PrinterLogic helps minimize your attack surface and protects proprietary data. Let’s dive in.
Identity Process Diagram

Attack Surfaces

Your attack surface is the number of points that an unauthorized actor could breach to extract data or deliver a malicious payload. The size of your attack surface correlates directly with your infrastructure.

In the print environment, “infrastructure” equates almost entirely to print servers. If you have 50 print servers, you have 50 possible attack surfaces—each with multiple attack vectors and hundreds of megabytes of confidential user data as a target.

PrintNightmare is a perfect—and scary—example of the power and scope of an exploit that leverages print servers as a ubiquitous (and therefore often overlooked) attack surface. It preys on untrusted drivers, turning those modules into rogue agents. But the present tense is important here. PrintNightmare hasn’t gone away. It might no longer be grabbing headlines in the tech media, but its three variants remain a critical security vulnerability across the board. Some researchers have even argued that patched servers shouldn’t be considered immune.

At the same time, the comprehensive fix for PrintNightmare and other print server exploits is both simple and obvious. To minimize your attack surface, you just take the vulnerable infrastructure out of the equation. Problem solved.

This is why our customers didn’t even bat an eyelid when PrintNightmare appeared. They didn’t have to worry about print servers being exploited as they waited for a patch. Why? Because PrinterLogic had superseded their print servers the moment it was deployed. Malicious actors can’t attack what doesn’t exist.

From its very first line of code, the core PrinterLogic solution has been laser-focused on eliminating print servers through a centralized, enterprise-grade, direct-IP printing platform. Since then, PrinterLogic’s footprint has only grown smaller and more secure as it evolved into a cloud-native SaaS offering with support for all major cloud identity providers (IdPs).

That reduction in infrastructure has huge benefits for cost savings, ease of use, and resiliency, as many organizations have already discovered hundreds of times over. Now, they’re realizing they can add security to that list too.

Data Protection

I’ll bet your organization is already taking serious steps to secure your digital data. If you have several individuals or teams of people working with important documents, you’re probably making sure that all those folders and files have very specific access privileges. No unauthorized users can open or interact with them. The same goes for apps and other software.

But what about printed documents?

That’s a different story.

We can all probably share a bunch of anecdotes about how unsecure everyday printing can be. I remember a time when I would have to sprint from my desk to the printer as soon as I clicked “Print” in order to grab a sensitive print job as soon as it hits the tray.

In the real world, however, things don’t always go according to plan. You print a confidential job, get distracted by a phone call or a meeting, and then forget to pick it up. So it sits in the output tray, where someone else accidentally grabs it along with their own papers. Whether they wanted to or not, they’ve now seen that private salary information or the upcoming product behind the codename.

This is the number one way data gets leaked in many companies. The 2022 Quocirca Print Security Landscape study found that 68% of companies reported a data loss as the result of unsecure printing practices like these.

Here’s where Secure Release Printing comes in.

Secure Release Printing has been an optional feature for PrinterLogic customers for many years, and we’re now making this proven technology a cornerstone of our new Advanced Security Bundle. What Secure Release does is it asks the user to authenticate via badge or credentials while physically present at the printer before the job can be executed. The user who initiated the job is the only one who can retrieve it.

PrinterLogic’s new Advanced Security Bundle also includes a very convenient technology called Mobile App Release. This, too, is a feature we introduced several years ago and have been refining and augmenting ever since. It functions similarly to Secure Release, except it uses the user’s mobile device as the authentication mechanism.

It’s important to mention something about simplicity here. We know from experience that forcing users to jump through all sorts of hoops in the name of security is self-defeating because it only makes those users want to circumvent those protocols. That’s why Secure Release and Mobile App Release are incredibly intuitive. Users can seamlessly incorporate them into their workflows, so data protection becomes a natural and fundamental part of their productivity.

Another important thing that advanced features like these have in common is that they tap into the inherent security of the core PrinterLogic solution. By eliminating print servers, we haven’t just reduced an attack surface. We’ve also ensured that print data is never sitting in some intermediary point like a server-based print queue. With PrinterLogic, the TLS-encrypted print job goes from the user’s device directly to the printer. This direct-IP paradigm avoids single points of failure where someone could tap into that data stream.

If you look at the full feature set of our Advanced Security Bundle, you’ll spot something interesting: Off-Network Printing. This might sound like it goes against our “keep it local” philosophy when it comes to protecting print data. But the reality is that remote work—which I’ll cover in more detail in the next blog post—is now a dominant force in the modern workplace, and we need to find a way to support it securely.

PrinterLogic’s Off-Network Printing mirrors the direct-IP approach of our core solution but extends these capabilities to any authorized off-network device. It does this by establishing a secure tunnel between the initiating device and the local destination printer behind the firewall—no VPN required! All the print data is TLS-encrypted along that single path, and it’s never at rest.

Later this year, we’ll build on this model to offer optional functionality that can temporarily store the encrypted print job in the cloud for added convenience. Authorized users will then be able to execute the job locally using one of our release mechanisms to push the encrypted cloud data to our software on the destination printer.

Between our core PrinterLogic solution and the functionality in our Advanced Security Bundle, we now have three scenarios that cover any use case, while still protecting print data by design:

  1. Local direct-IP printing, enhanced by Secure Release and Mobile App Release.
  2. Our current Off-Network Printing solution, where data is not at rest.
  3. The forthcoming version of Off-Network Printing, where cloud data is protected end to end.

Next Up

I promised to address five security concerns, and so far, we’ve covered only two.

In the next blog post of this three-part series, we’ll talk about trends like Zero Trust and remote work. How important is office printing to successful Zero Trust and remote work strategies? In what ways does the conventional print environment put those strategies at risk?

Those are all questions I think PrinterLogic can answer.

Cerner EHR Printing Just Got Better: Introducing PrinterLogic’s new LPD Service

PrinterLogic’s healthcare customers value our serverless printing solution for the secure, unified print management that it provides. We help tame the complexity of conducting general office printing alongside EHR/EMR solutions, which almost always come with their own print infrastructure and framework.

As part of our efforts to make that day-to-day experience even better for clinicians, nurses, doctors, and receptionists while reducing the load on IT admins, we’ve been developing functionality that will better manage back-end Cerner electronic health record (EHR) printing and output.

The newest addition to that functionality is our LPD Service. It’s a modest name with big impacts on convenience and ease of use—especially in healthcare settings that use Cerner EHR software.

 

What Is LPD and How Does It Work?

The line printer daemon (LPD) is part of a standard software protocol that allows networked computers to submit print jobs to printers on the same network. You might have even seen it as an option when you’re installing a conventional printer on your home PC. The LPD is the middleman responsible for relaying print jobs to the network printer.

In PrinterLogic, our LPD Service works by identifying a service client computer in the network that’s already running the standard PrinterLogic client agent. The LPD Service runs in the background and listens for compatible print jobs.

Once the LPD Service has been enabled by an admin, it can receive LPD print traffic and extract information from the print job’s bundled metadata. That info reveals who printed the job, which printer it’s targeting as well as details like finishing options (e.g., duplex, B/W, output tray) and secure release settings. Based on that metadata, the print job will be routed to the correct printer, including off-network printers, and held for release if requested.

The same metadata is also used for PrinterLogic’s reporting functionality. Details like the initiating user, destination printer, timestamp, and filename are collected and uploaded to the PrinterLogic Admin Console.

Some extra technical background is that the PrinterLogic LPD Service will first try to send the job to the printer without using a driver via the Internet Printing Protocol (IPP). IPP is another printing standard that supports advanced capabilities like access control, authentication, and encryption. If IPP isn’t supported on the printer, you can use any signed Type 3 printer driver instead.

Cerner EHR Printing

 

The Benefits of LPD in Cerner Environments

Cerner provides one of the world’s leading EHR solutions. It’s used throughout the healthcare industry to access and securely maintain vast stores of confidential patient medical information. By design, it becomes the central fixture of an organization’s print environment. Pretty much every document passes through Cerner before it’s printed to paper.

Unfortunately, this can cause issues with general office printing and back-end applications, not least because Cerner has its own server-based print infrastructure. Device incompatibilities, downtime, and routine printing errors can be common occurrences, and they multiply in IT environments with diverse printer fleets.

PrinterLogic’s new LPD Service leverages the universal line print remote (LPR) printing standard—the same one that Cerner’s own EHR system uses—to make everyday printing more efficient and reliable. It enables users to print from backend applications without the need for legacy print servers, which neatly sidesteps all the problems inherent to those print servers.

Best of all, PrinterLogic’s LPD Service can do this while still tapping into PrinterLogic’s advanced features:

  • Comprehensive reporting: See who printed what, when, where, and why.
  • Pull printing: Jobs are held until the user is ready to retrieve them. This keeps protected health information (PHI) from sitting unclaimed in output trays.
  • Off-Network Printing: Conveniently allow devices to print while still maintaining strict zero trust policies.

These features complement the strict security of EHR systems and enable organizations to maintain compliance with HIPAA and other industry regulations.

The LPD Service also helps with print resiliency to avoid downtime. Multiple PrinterLogic LPD Service clients can be used to create redundancy. These can be set up behind a load balancer or configured to communicate among themselves for failover scenarios.

 

Availability

PrinterLogic’s LPD Service is part of our new Output Management bundle. This optional set of modules is designed to give organizations granular control over everything they print.

  • Output Management
  • Rules, Routing & Policies*  
  • Tamper-Resistant Rx Printing** 

As of this writing, both the Tamper-Resistant Rx Printing and the Rules, Routing & Policies modules are in development and gearing up for preview release. However, the Output Management module with the LPD Service is ready for preview among PrinterLogic customers who are interested in getting a sneak peek and shaping its progress through feedback.

 

A Complete Printing and Print-Management Solution

The LPD Service is a big deal for Cerner users, but it’s just one benefit among many that PrinterLogic offers to healthcare organizations. With our serverless printing solution, you can:

  • Lower costs: Fragmented solutions and all their support infrastructure can lead to mounting costs. By minimizing the hardware footprint and eliminating deep-rooted print inefficiencies, PrinterLogic keeps costs down.
  • Simplify print management: It can be difficult to bridge the different systems for EMR and general office printing. PrinterLogic helps to unify the print environment and provides a single window for IT to oversee it.
  • Harden security: Thanks to its pull printing and Off-network Printing functionality, PrinterLogic augments the security of Cerner and similar EMR/EHR solutions without sacrificing ease of use.
  • Leverage reporting: In addition to capturing extensive metadata for every print job, PrinterLogic offers a convenient way to view, filter, and sort that information. IT can easily monitor print activity across the organization.

*Available late 2022.

**Under development, available 2023.

Print Security: Protect Your Company’s Devices, Documents and Data

Originally published on August 29, 2017

Printers are often an afterthought when the subject of security arises. When, in reality, they’re central to how an organization operates. Sending a print job containing sensitive information begins with the end user, but the in-between channels are where that sensitive information is subject to be viewed (intentionally or unintentionally). We can always store passwords on digital documents, encrypt folders, and install VPNs to limit external access to our organization’s internal networks. But print security remains a challenge for three important reasons:

1. Printing is physical.

Digital documents can be locked away. We can restrict who’s able to access them and monitor when they do. Secure printing is another story. All too often, printed documents are left exposed for anyone to see—not just on someone’s desk, but right there in the printer’s output tray! Let the office gossip begin!

Furthermore, companies adopting a full-on remote workforce are witnessing a whole slew of problems with print security. 

Here’s a short scenario for you: Let’s say, Steve, a remote employee, is trying to print a document for someone in HR residing at the company headquarters. This document gets delivered to the correct printer; however, the HR specialist left the office briefly. Steve’s document is now in the hands of anyone and everyone without his authorization. Now everyone can see that he got a pay raise and a promotion before it becomes public, leading to an HR disaster. 

Situations like these are becoming more commonplace, leaving employees (or customers) exposed in a workplace that should be a safe haven for them.

2. Vulnerabilities when print jobs queue in the print spooler.

Recent vulnerabilities like Print Nightmare have wreaked havoc by potentially exposing company data. This vulnerability made it possible for attackers to access operating systems and run remote code with system privileges. Even now, PrintNightmare is still causing companies to second guess their printing architecture. 

Companies utilizing print servers to execute print jobs are at a high risk of being attacked. This is especially true for companies utilizing multiple print servers since they have to be constantly updated, patched, and secured. Every time a print job goes to a print server, it’s at risk of being exposed to hackers fighting to gain access to your network. This makes your ability to control who sees your confidential information minimal, especially without embracing a serverless printing solution. For this reason, your print management solution must align with your company’s zero-trust security strategy to limit exposure to confidential documents.

The pandemic took a toll on companies worldwide and left a lot of people anticipating the death of the printer. For those who believed that was the outcome–think again. According to a poll by Quocirca in January 2022, despite the digitization of workflow during the pandemic, 44% of companies anticipate an increase in office print volumes, signaling an uptick in print security spending by 70% of organizations in the next 12 months. 

It might be time to hop on the bandwagon and welcome print security (and the printer) with open arms.

3. Security in printing is only as strong as our end users.

Although we’ve all been told about the importance of creating a unique and virtually impenetrable password, it seems we still haven’t received the memo. The most popular passwords of 2022 are “password”, “qwerty”, and for the outside-the-box thinkers: “123456.” It’s easy to claim that these passwords stem from complete laziness; however, I would argue that no one wants to type in a 20-character password every time you need permission to perform a basic duty at work. 

The same principle applies to secure printing. If you try to increase security in printing by making it a complex, six-phase procedure for end users, you’re more likely to discourage them from actually using it. End users should feel empowered when executing a print job, not overburdened. This is why secure printing solutions have to be convenient enough for users to prefer them over ordinary insecure methods.

Why Secure Release Printing?

Secure Release Printing from PrinterLogic takes all of these issues into account. It can’t make sensitive documents invisible to everyone except their intended recipients, but it can keep documents in the hands of those who printed them. All the while, you can relax knowing the roots of company chaos (i.e., print spooler and print server) are nonexistent.

Secure Release Printing is divided into two straightforward steps: the initiation of the print job and the release of that job at the printer. When a user with, say, a classified document clicks “Print,” the job is held in the user’s workstation. Once the user is physically at the printer, they can release the print job using one of the four methods:

  • A badge or card reader: If your organization already has a badge system, PrinterLogic’s Secure Release Printing can integrate with that system to release print jobs by authorized users via their associated badge. The reader might be built into the network printer itself or connected externally to the printer and the network.
  • Badge+PIN & User ID+PIN: Very effective for employees working in a high-security environment. This multi-factor authentication (MFA) feature provides an extra layer of security to keep confidential files out of unwanted hands. 
  • The Control Panel Application (CPA): PrinterLogic SaaS, our cloud-based serverless printing infrastructure, offers an embedded app for all major printer brands. This app allows users to log in, identify their print job, and release it for printing. 
  • Any browser: Using PrinterLogic’s web-based app, authorized users can release print jobs from any device that is capable of running a browser including mobile devices (iOS and Android). 

Keeping your information private has never been more seamless. Instead of your jobs being held on a shared print server, they are held securely on the user’s workstation giving the user full control over the outcome of the print job through user authentication.