Technical white paper HP Designjet ePrint & Share Security white paper v1.
Summary HP Designjet ePrint & Share (eP&S) allows architecture, engineering, and construction (AEC) professionals to automatically manage printed files online, to view, print, and share them. eP&S consists of several assets, an HP Designjet Service Driver for Windows that uploads printed jobs to eP&S as printed files, a set of mobile apps for iPhone, iPad, and Android platforms to print locally and remotely and manage your printed files, and a website at http://www.hp.
5. 3rd party Web services printing to HP Designjet printers 6. Connecting directly to an FTP Content Repository to print files In this document we detail all security measures taken to protect and secure all workflows (from 1 to 6) of the eP&S service. Security measures HP takes security and data privacy very seriously. HP will not sell, rent, or lease any personal information to others. You can review the entire HP Online Privacy Statement at http://welcome.hp.com/country/us/en/privacy.html.
1. On the ePrint & Share website (http://www.hp.com/go/eprintandshare) there is a Create a free account link that can be used to create new user accounts, as well as a Download button to download the HP Designjet Service Driver for Windows. Anybody with a Web browser and Internet access can obtain an account this way. Only minimal information such as a country name, username (email address) and password are requested.
Secure Web communication All communication between the HP Designjet Service Driver and the HP Designjet ePrint & Share (eP&S) service, or between a user’s Web browser and the eP&S Library, uses secure connections by HTTPS protocol (Hyper Text Transfer Protocol, Secure).
• Firewall: Amazon EC2 provides a complete firewall solution; this mandatory inbound firewall is configured in a default deny mode and Amazon EC2 customers (HP) must explicitly open all ports needed to allow inbound traffic. Highly secure applications can be deployed using this mechanism. In the case of HP Designjet ePrint & Share, administrative access is limited to qualified HP support staff, and even they do not have access to users’ data, which is stored in encrypted form.
3rd party Web services integration 3rd party Web services integrate with HP Designjet ePrint & Share (eP&S) by using our eP&S API to print files. Our API forces 3rd party services to use only secure channels to communicate with our service API and to authenticate with valid user account credentials. HP Designjet ePrint & Share service also integrates with 3rd party Web services to access other content repositories, such as FTP.
http://www8.hp.com/us/en/hp-information/summary/ww-privacy.html Amazon Web Services • • • • AWS Security and Compliance Center: http://aws.amazon.com/security/ AWS Overview of Security Processes (May 2011): http://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf AWS EC2 Service Level Agreement (SLA): http://aws.amazon.com/ec2-sla/ AWS S3 Service Level Agreement (SLA): http://aws.amazon.com/s3-sla/ Others • Transport Layer Security / Secure Socket Layer in Wikipedia: http://en.wikipedia.