IDM Security Overview

Scanning

  • SNMP scanning is done within the internal network only, via the standard SNMP port (UDP port 161). 
  • The Information Collection Engine (ICE) uses unicast transmission to communicate to each IP address in the configured scan range.  No broadcast packets are sent.
  • A community string can be specified in the ICE configuration if required.

Data Storage

  • Print Audit's server is located in a physically secure environment.
  • Print Audit's server is located behind a dedicated hardware firewall that blocks all external access except that which is required for Infinite Device Management to function.
  • The server is kept up to date with the latest operating system patches, security patches, and anti-virus updates.
  • Server administration logins are restricted to a very limited number of authorized personnel who require access only for routine maintenance and backup purposes.
  • Infinite Device Management is the only application running on this server and therefore there is no security threat posed by other programs.

Data Collection

No personal or user data is collected with the ICE. Only the following information is gathered and transmitted to Print Audit's secure server:

  • Printer name, make and model
  • Location
  • Serial number
  • IP Address
  • MAC Address
  • Page Counts
  • Toner levels
  • Status / Alerts (e.g. out of paper, paper jam)

Data Transmission

  • The ICE connects to Print Audit's server via an outbound connection only. There is no reverse connection made from Print Audit's server to the ICE.
  • HTTPS is the only send method used by the Print Audit Information Collection service. This ensures that the data is encrypted during transmission using standard internet security protocols (256 bit SSL on TCP port 443).
  • HTTPS (256-bit SSL) is the same security as is used in Internet banking or purchasing goods online from a merchant such as Amazon.
  • The server sends a simple acknowledgement that the data was received, but no other data is sent back to the ICE in response to the transmission. This response is also encrypted in the same manner as the transmission itself.

Web Interface

  • All external access is via secure login (username and password) and only through the secure web application at https://fm.printaudit.com
  • Infinite Device Management logins can be restricted to either a set of customers for a single dealer (a "dealer level" account) or a single customer (a "customer level" account). Advanced privileges can also be assigned to users.
  • Access to the secure web application at https://fm.printaudit.com uses 256-bit SSL encryption.


 

  • No labels