SECURITY WHITEPAPER
SECURITY WHITEPAPER
By utilizing optional Edge virtual appliances or physical devices , we stand by our commitment to privacy even when on-premises infrastructure is required by the customer . Document storage and processing remains local to ensure that document integrity and privacy is maintained . Only the print job ’ s selected metadata travels encrypted to the cloud for management and reporting purposes .
HERE IS HOW IT WORKS
YSoft SAFEQ Cloud ( software ) is embedded on multifunction devices ( MFDs ) and printers at the business location . There , it is either connected with a Y Soft Edge device , ( hardware or virtual appliance ) or directly to a cloud instance . The edge device is responsible for processing jobs onsite . Though it does the work of a server , the Edge device , much like a network router , is self-contained and needs no customer maintenance . A Virtual Appliance operates in a comparable manner to the Edge hardware device but is run on a customer-supplied server or virtual machine .
Zero Trust Infrastructure
YSoft SAFEQ Cloud uses software-defined infrastructures in Cloud and Edge to provide auto-scaling and advanced networking and security .
In Y Soft view of Zero Trust approach , there are no trusted networks and zero implicit trust among services , instances , and clients . All system services , components , Edge devices and ( optionally ) deployed MFDs are mutually authenticated , and all communication is secured using industry-standard protocols , such as TLS ( Transport Layer Security ) 1.3 .
Zero Trust is often perceived as a network level architectural decision . Yet we believe that the Zero Trust approach needs to be applied holistically . Y Soft SAFEQ Cloud service provides “ beyond the network ” Zero Trust capabilities , such as individual service recycling and tenant infrastructure recycling in multi-tenant environments .
The following network protocols are primarily used :
HTTPS ( HTTP over 1.3 with server authentication )
HTTPS with mTLS ( HTTP over 1.3 with mutual-TLS authentication )
IPPS ( IPP over HTTPS )
mTLS refers to TCP communication secured with mTLS ( mTLS 1.3 )
Communication happens in 3 tiers :
Cloud : services exposed via publicly accessible endpoints ( public cloud )
Edge 2 Cloud : bi-directional communication from Edge devices to Cloud services
On Premise : Edge 2 Edge , Mobile Clients , and Desktop Clients
YSoft SAFEQ Cloud - 5 - YSOFT . COM