Print Security Acronyms for Geeks (PSGs)
TMYK. The more you know, the better. We don’t often recommend talking in acronyms, but there are a number of IT-related (especially security-related) acronyms that are super helpful to know about.
Even if you shy away from the TLAs (Three Letter Acronyms), this article highlights some of the main print security subjects you may want to consider if print security is a key consideration in your organization. Oh! And security can be a dry topic, so we’ve tried to make this article fun and entertaining… if that’s possible!
Some fun first!
If you already know your stuff, see how many security-related acronyms you can find in the wordsearch below:
| A | Y | N | G | M | X | I | M | E | P | V | N | F | S | J |
| D | H | A | S | L | W | S | I | I | C | L | L | X | Y | I |
| I | G | S | P | N | I | P | F | E | B | S | J | A | N | Q |
| H | E | P | R | R | R | D | A | T | A | L | P | D | N | B |
| S | N | M | P | F | I | F | I | R | H | X | A | T | C | D |
| W | J | D | I | S | P | O | R | O | B | L | H | P | T | I |
| P | G | D | C | T | P | D | F | P | A | D | T | S | W | H |
| O | E | X | S | A | L | D | S | I | V | P | U | C | A | W |
| X | D | W | L | P | M | S | X | M | A | P | A | N | O | N |
| C | I | F | S | R | I | H | F | D | T | C | O | J | C | F |
| A | E | Q | K | S | N | M | L | E | S | P | F | A | V | B |
| J | N | F | I | N | S | B | W | Y | I | Y | C | N | J | E |
| T | L | R | T | L | S | S | Q | X | T | B | L | K | P | L |
| Q | P | I | A | A | P | I | H | V | E | L | W | O | J | C |
| L | M | D | L | P | G | F | D | W | L | V | W | E | I | C |
Would you like your name listed here on an honour roll? Email us when you’ve found all the answers.
Honour roll
- Chris D found 12 but it might be fight to the death whether HTTP is security.
Print Security - Acronyms
On a serious note, these definitions give you a glimpse of how deep print security can go. We have a dedicated security team here at PaperCut Software, and we take security very seriously. We’ve hardened our products against our ‘users’ who include everyone from hackers, to click-happy staff, to computer science masters students.
| Acronym | Full name | Definition |
|---|---|---|
| E2E Encryption | End-to-end encryption | Where only the ’things’ at either end of a communication can read it. This means that anyone trying to intercept the communication (an eavesdropper) can’t read it! In a printing context it means that it’s not possible to eavesedrop on print job context by sitting somewhere on your network. |
| IPP | Internet Printing Protocol | IPP is exciting because it allows for access control, authentication, and encryption, making it a much more attractive protocol for printing in today’s world versus, say, LPD or simple standard TCP sockets on port 9100.For extra points, drop in that IPPS may be used in the device URI (Uniform Resource Identifier), allowing a client to open an HTTPS connection to the specified IPP secure print service. |
| IPPS | Internet Printing Protocol Secure | The secure form of IPP. It’s IPP over a HTTPS/TLS connection. |
| GDPR | General Data Protection Regulation | With the basic intent of trying to make data less creepy, and giving customers more control over their data, this regulation is mainly EU based — but it can impact world wide. Famously, it gives you the ability to request the data that a company has about you, as well as requesting that they delete it. PaperCut’s solutions offer a number of tools to help you remain GDPR compliant such as secure print release through to featuers that allow you to implement the right-to-be-forgotten. |
| HIPAA | Health Insurance Portability and Accountability Act | US-based law that is aimed at protecting customer data — focusing strongly on medical policies, record keeping, and technologies. In a printing context features such as secure print release and print auditing help ensure you’re meeting best practice. |
| LDAP | Lightweight Directory Access Protocol | Often used in the same sentence as AD (Active Directory) or OD Apple Open Directory, LDAP (or LDAPS for the secure version) is an open method of maintaining a user directory service. Directories are often used to authenticate users, maintain user directories, groups etc. If you already have one of these, then you can just connect up PaperCut MF or PaperCut NG, and use the user identity in these systems. |
| AD | Active Directory | The Microsoft implementation of a user directory service. It’s used heavily in Windows environments to manage users, computers, groups, policies, and lots more. When you press ctrl-alt-del to change your password on your Windows computer connected to a domain, you’re probably changing it in Active Directory. All of PaperCut’s solutions can syncronize with AD so you can use users and groups to implement print policies and printer/copier/MFD access. |
| SNMP | Simple Network Management Protocol | A standard for managing devices on a network. For example with a printer, you can query an OID (Object ID) in the MIB (Management Information Base) on the printer to see if it’s in an error state or not. Basically an acronym-soup-laden explanation for “it lets you monitor and interrogate devices on the network”. SNMP v3 ups the security game, including authentication and encryption. PaperCut’s solutions will use SNMP to improve system security. For example, if a printer is in error, it may prevent printing or warn the user so jobs don’t get stuck. |
| SMTP | Simple Mail Transfer Protocol | The set of standards that enables email to be sent. Whether it’s cat gifs, Simpsons memes or low toner notifications, it all needs to be sent and received successfully. |
| OAUTH | OAUTH - Open Authorization | The best invention ever. Log into a 3rd party service (like PaperCut!) with an authorization tool that you’re already using (like Google). No need to have to set up yet another username and password to log into the interface. |
| PDF/A | Portable Document Format (archive standard) | Pretty much the same as the PDF that you know and love, but this document format is specifically optimized for archiving. Just like you wouldn’t want to get down to your survival bunker only to find that can openers had moved on and you now had no way to open your canned munchies — PDF/A ensures there’s no propriatary extensions or linked fonts, meaning that you’ll be able to dust it off in the future and still be able to open and read it as it was meant to be. |
| TLS | Transport Layer Security | Taking over from its predecessor (SSL), TLS is a protocol allowing clients to securely talk to servers. What’s the difference? There’s a bunch of maths and technical details, but basically there’s stronger encryption options and additional port options. Where possible all of PaperCut’s solutions use TLS secure connections for communication (e.g. client-to-server, printer-to-server, server-to-server). |
| SSL | Secure Sockets Layer | This has now been superseded by the cooler and more secure ‘TLS’. The protocol does much the same - allowing for chatter over networks to be secured, but not as securely as with TLS. Some older printers only support SSL and in some cases PaperCut’s solutions may drop down to this to remain compatible. |
| HMAC | Hash-based Message Authentication Code | A HMAC is a result of combining a secure hash function with a secret key. It is often used to help digitally sign an electronic document. PaperCut’s solutions use a HMAC in its watermarking and digital signature feature. |
| PSG | Print Security Geek | Normally found in plain sight but not necessarily wanting to be identified. If they have been forced into keeping printers on the network, then they’ve begrudgingly become experts in securing and managing them — with the toner smudged scars and burn marks to prove it. |
| LPR | Line Printer Remote | A network printing protocol used to send print jobs to remote printers. LPR was allegedly the original software for printing, so became synonymous with the ‘client’ side of things. However people tend to blur them into one interchangeable LPD/LPR mashup wherever possible. LPR is generally not regarded as a secure print protocol. |
| LPD | Line Printer Daemon | LPR’s other half. Normally referring to the actual daemon (the helper monkey thing) on the server, or the service itself that receives the print jobs. Again, these two caused the most scratches and bruises in our discussion here about which is which. |
| HTTPS | Hypertext Transfer Protocol Secure | One of the more recognizable acronyms, since it’s normally at the start of your URL bar in your browser… I mean, assuming that you’re always browsing securely, right? Basically it allows for communication over the network or internet, normally web-based. Administrators usually remotely administer PaperCut’s admin console using a HTTPS connection. |
| CIFS | Common Internet File System | A file-sharing protocol that allows you to send and receive files from locations on the network or internet. Mention a shared drive or a department ‘share’ and chances are you’re using this. In a printing context, CIFS is used by Windows clients when printing to a Windows Server. It’s used to deliver the print job (spool file), as well as to help facilitate driver installation. |
| VLAN | Virtual LAN or Virtual Local Area Network | Making virtual boundaries so that traffic on the same physical network acts as though it’s on a different physical network. If you want to hide away your printers as though they’re not on the same network with all your hackers-in-training student computers, just plop them onto a separate VLAN, and you won’t be able to ‘see’ the printers from the student workstations. Sneaky sysadmin! The other advantage is that printer Ethernet cables can’t be used for generic network access or “anonymous hacking”. |
| HA | High Availability | You don’t want to have a website that’s only available 50% of the time, and your print environment is exactly the same — yes it’s a somewhat clandestine way to save paper, but it’s definitely not great for your users. High availability is the dark art of keeping printers, print servers, networks, and everything in between, up and running as much as possible. |
| BCP | Business Continuity Plan | Basically your guide to ‘what to do when things break’. The idea is that you plan for what happens when your air conditioning breaks in the middle of a hot summer day, so that you’re not trying to think what to do in the flustered moment. It’s all about asking the morbid questions like ‘what happens when my print server silently goes off the network forever’ or ‘what’s our backup plan when the student printing lab is under ten inches of water’, and then creating a plan for if that happens. |
| SPDF | Secure PDF or Secure Portable Document Format | Like your regular friendly PDF but with the fun-blocker of a password. You can’t open or print the PDF without the password. |
| DP | Default password | The one that you hope it’s not, but it is. The one your users hope it is, but hopefully it’s not. Unfortunately, many printers have a DP. All administrators should take the time to eliminate DP,s quickly on all routers, servers and of course printers! |
| ID | Identification | Sometimes called ‘username’ or ‘card number’ or some other thing, depending on your organization. Within PaperCut we’ve kept arguments to the minimum by standardizing on ‘username’ being for your actual user’s name, like hsimpson, and your ID being your card/identity number, like 8128. Not to be confused with your PIN. |
| PIN | Personal Identification Number | Just like your PIN that you use at the ATM (you know that one right?) or cash machine, with your debit/credit card. It’s something that you |
| 2FA | Two Factor Authentication | It’s all over the news when someone gets twitter-hacked or facebook-shamed. 2FA is all about adding an extra layer of security to your login/authentication — and that layer should add ‘something that you have’ (a key/token etc.) to the ‘something that you know’ (your username and password). A good example is when you’re sent a text code to log into a service on a new computer, as well as needing your username and password. In a printing context, 2FA is often used for secure print release in security-focused organizations like Government or Healthcare. |
| RFID | Radio Frequency Identification | Gone are the days of having to swipe your card through a card reader. Nowadays everyone’s used to just ‘waving the card close to the reader’ — thanks to RFID. Whether it’s paying for your shoes, getting through the turnstiles at the station, or collecting your print job, it can all be done through a light ’touch’ of your card. Best of all? The same card can be used for multiple systems — cafeteria, building access, and the printer. |
| NFC | Near Field Communication | NFC lets devices (like phones) talk to each other securely. Everyone’s using this more and more with things like Android Pay or Apple Pay, letting your phone chat wirelessly to the cash register. PaperCut Pocket can use NFC to support easier secure print release and Find-Me printing using a mobile phone. |
| MIFARE / HID / INDALA / CAC | These are popular standards for encoding information on a RFID card. You use these groups of magic any time you wave your RFID card near a reader, and it picks out the unique code. PaperCut’s Multi-function printer embedded solutions can be configured to use RFID readers from these most popular brands. | |
| QR Code | Quick Response Code | These zebra-like squares allow people to scan the code, and quickly (or automatically) do something as a result. It might be scanning a code on an advert at the bus stop to get a special offer, or scanning the code at your printer to release your print job automatically. PaperCut Pocket can use QR Codes to allow users to release their print jobs using their smart phone. |
| HL7 | Health Level 7 | A set of international standards for transferring clinical/medical information around different health providers. In short, trying to wrangle a standard method of accessing information across billing systems, records systems, and administration systems. |
| FHIR | Fast Healthcare Interoperability Resources | Along the same lines as HL7. This standard was created by HL7 with the aim of standardizing how to transfer electronic health records. |
| NLB | Network Load Balancer | Some kind of server or appliance on a network that handles traffic distribution to multiple servers capable of doing the same thing. Kind of like the person telling you which queue to join at airport security (dishing out traveller traffic to multiple identical body scanner stations), but without the inevitable fact that the queue that you’ll join will instantly become the slowest queue. |
| MTGB | Medium To Good Bean | Yes, it’s a coffee acronym, but we’re at the end of a long list and coffee does come to mind :) |