As my colleague Will explained, there are a variety of challenges associated with moving to an Enterprise Print and Scan solution in the Cloud. Taken together, those challenges might seem overwhelming at first, but with a little pre-planning, you’ll find them not so intimidating. Before jumping in to solve any problems, let’s first consider five questions that help us narrow the definitions and requirements.
First, what does the term “Cloud” mean to your organization? Normally, “Cloud” refers to technology resources that are available on demand without the need to maintain the infrastructure or hardware on-site. When discussing Cloud software, one frequently hears expressions like SaaS (Software as a Service) or PaaS (Platform as a Service). But those terms still need further definition due to varying views about their meaning. Many times, SaaS is thought of only as a multi-tenant solution, such as Office 365, which is typically consumed in a subscription license model. Will public Cloud platforms (AWS, Azure, etc.) be allowed by your organization or does the Cloud software need to be privately available? Overall, your organization will need to evaluate these details to decide how to move forward. Security concerns, such as those present in multitenant environments, should also be considered.
Second, how should users be authenticated? Authentication proves that something is true, genuine and/or valid… in this case, the user’s identity. In many organizations, when users were attached to local or wide area networks, they were given access to network resources. The user provides their username and password for the internal domain and are “trusted” with rights to resources like printers. This approach has exposed security threats in some organizations that allow potential bad actors access, for example, if a password is compromised.
Multi Factor authentication can help with some of those issues but can still have weaknesses. If a password is compromised and the user is “tricked” into giving the perpetrator the multi factor code or approval, then they again are able gain access to all resources. In 2022, Russian state-sponsored cyberattackers exploited MFA and used the PrintNightmare security vulnerability to gain access to a large organization’s network. Your authentication should be more sophisticated than that.
This could, and likely will, lead an organization to adopt a “trust no one” type of environment, which is basically the security model of many applications on the internet, including Amazon. When reviewing some of the current public web applications, many organizations employ OAuth 2.0 using OpenID Connect’s (OIDC) authentication layer to ensure secure communication. So, when it comes to printing, a federated security solution using OIDC can now secure all “conversation” traffic between the application and a printer. Every interaction will have a unique token verifying the identity of the authorized user.
Third, what are the complexities of printing and scanning inside your organization? The organization will need to understand where documents are coming from and where they need to go. There is additional complexity when one considers all device types that are utilized —for example, phones, tablets, laptops with various operating system platforms — that may or may not be common in a business setting. For that matter, many output devices may also be in play across multiple geographies that utilize differing manufacturers and have regional stipulations regarding data security. Ultimately, the printing and scanning solution needs to be capable of working with any device type, getting information from any platform, and deliver it to any location to cover all bases in an organization.
Fourth, we need to discover what processes and applications are creating the documents. Of course, applications like Word and Excel create many of the documents, and PDF workflows likely all originate on end user workstations (front end printing). But it is valuable to discover other avenues of printing in the organization that can make enterprise-wide print solutions more challenging. Applications like SAP, Oracle, Epic, Cerner, etc. all have printing abilities from the application itself (backend printing), which drives the print from a backend server with a destination of a device.
SAP printing, for example, can be very difficult and complicated for various reasons. An organization using SAP applications could have various print devices from various manufacturers deployed regionally or globally. Specialty printers may also be involved like Zebra thermal transfer printers deployed in warehouses or laboratories. Many of those manufacturers have their own configurations for printing from SAP, which makes setup more complicated. This can also make the user experience more difficult and frustrating due to differences in the way that different printers are handled.
Because backend print applications are often a “send the print, and forget about it” type system, a report or pick list would typically need to be re-generated if there was a failure at some point in the process. Reprints can be time consuming if the user was working with a complicated report or process that required time to generate. In such situations, it would be useful to be able to resend a saved copy of the job from the print management system.
What if an organization works with other smaller affiliate type organizations that use the backend application, but the two parties are not connected to the same Network or Wide Area network? For example, suppose a B2B relationship requires them both to use the application, but the smaller affiliate has to print to their own printers that are not connected to the larger organization. Or what about the mainframe? If legacy mainframe printing is still needed, how can this output be included in a comprehensive print environment?
LRS does have the capability to work with all of these scenarios, including one that has not been addressed in this discussion: Pull Printing. LRS can enable pull printing of output from Windows as well as specialized apps like SAP, Epic, mobile devices, and more. This allows secure print job release on any device that the user is authorized to access. Truly, LRS can support printing from any application, on any platform to any device.
Final question: once the answers to the four questions above are researched and achieved, what is left to do? My colleague Hunter Hill will help answer that question in the next article in this series.