Print data transfer encryption Overview

SafeQ supports encryption of print data transfers allowing to print confidential data over insecure network.

see Configuring Print Data Transfer Encryption for configuration and deployment information.
see YSoft SafeQ Security Overview for detailed information on key management and data transfer workflow

EncryptData - As an Administrator, I want to configure data encryption (from workstation to the MFP) so that I can make our environment really secure.

All network communication related to the print data from workstation to the network printer shall be encrypted and authenticated
SafeQ Client shall transfer the data to SafeQ Server using SSL/TLS data stream or using AES cipher (unique session key exchanged via authenticated SSL stream).
Client on Windows shall verify server certificate using Windows Certificate store.
SafeQ server shall transfer the data to MFP using IPP over SSL data stream.
SafeQ server shall verify MFP certificate. SafeQ server shall accept the MFP certificate on first connection and use this certificate in future.
Administrator shall be able to remove the MFP certificate from individual device or all devices via web interface.

Print roaming must be configured.
MFPs must be connected thru Terminal Professional or support IPP over SSL printing. Administrator also has to configure proper print delivery method (IPP/SSL).
If encryption from a workstation to a server is required print drivers and YSoft SafeQ Client must be installed locally at every workstation.

Server key is stored in password protected key store on server disk. The password is Hard-coded in SafeQ.
Data are stored unencrypted on the server's hard drive. For server data encryption we recommend to use Microsoft Windows EFS.
Supported SafeQ versions: SafeQ 5.0

Print data transfer encryption feature is licensed as a part of YSoft SafeQ Client license