Cyber-Secure SaaS Printing

Celiveo Zero Trust Access Print Security
Celiveo is a Microsoft Gold partner, active in Azure Cloud

Celiveo 365 protects your information

 Celiveo 365 has been entirely designed to ensure your documents and your users information is protected in the Cloud, in transit and on your printers.

 

  • Its core architecture is based on the Zero-Trust-Access technology where any communication is considered hostile unless proven otherwise.
  • Our engineers designed the back-end Cloud infrastructure so that no usable user or documents data can be accessed by hackers, even if they get to the database or documents storage.
  • We guarantee full separation of data: each account benefits from a dedicated SQL Server database and can only access this one.
  • Documents and print jobs data stored in Cloud database are AES256-encrypted with dynamic keys
  • No end-user information is stored unencrypted in the Cloud, and no credentials are used anywhere by Celiveo

Zero-Trust-Access architecture is the only way to truly secure information:

R

Subscription for Celiveo 365 can only be performed by administrators with appropriate rights in AAD, using their Microsoft login. No email-based subscription is used, it is too insecure.

 

R

Printer Administrator and Printer Technician get automatic access to Celiveo 365 web portal thanks for Microsoft Single-Sign-On. No login/password or secret keys are ever used, they are too insecure.

 

R

All communication to the Cloud rely on multi-level ECC-P256 Elliptic Curve certificates, members of a unique certificates tree specific to the account. They identify each node properly upon connection and no communication can happen without proper vetting. Beyond identification and secure access they are also used for TLS encryption of all flows to and from the Cloud. Using certificates allows instant revocation, in example when a printer or PC is decommissioned.

 

R

Documents are encrypted using AES256 with dynamic keys that depend from the certificate of the requesting party, encrypted files are furthermore stored in Azure blobs and locked for the destination IP address.

Zero-Trust-Access-Security
Secure-Cloud-Print-Security-SOC2-ISO27001-Celiveo-365

24×7 Security and Compliance audits

 

Celiveo 365 development and SaaS benfit from the highest security against cyber threats and vulnerabilities:

  • A development security operations (DevSecOps) solution that unifies security management at the code level with triple analysis and validation in the compiling pipeline: SAST, DAST and SCA plus a final antivirus scan
  • A cloud security posture management (CSPM) solution that surfaces actions to prevent breaches
  • A cloud workload protection platform (CWPP) with specific protections for elastic apps, storage, databases, and other workloads

Furthermore the Celiveo 365 SaaS security is audited daily for full compliance with the most stringent security standard, Celiveo 365 subscribers can request the copy of the following compliance reports, any day of the year:

        • SOC TSP
        • SOC 2 Type 2
        • ISO 27001:2013
        • Azure CIS 1.4.0
        • NIST SP 800-53 R5
        • NIST SP 800 171 R2
        • FedRAMP H
        • FedRAMP M
        • UK OFFICIAL
        • UK NHS
        • Canada Federal PBMM
        • New Zealand ISM Restricted
        • New Zealand ISM Restricted v3.5
        • Australian Government ISM Protected 

This is true data security, to compare with what other Cloud Print solutions propose:

R

Real Zero-Trust-Access Cloud architecture, using Cert chains to identify and authenticate endpoints and traffic before any data is communicated

R

One PaaS SQL Server database per account, no shared database

R

Full AAD/Entra ID Single-Sign-On, MFA security and no admnistration overhead

R

Complies with GDPR, CCPA, LGPD, POPI, HIPAA, FCRA, FERPA, GLBA and PDPA privacy laws

R

No personal user data stored in the Cloud when only advanced Secure MFP are used

R

User ID-Code and card numbers are stored as a SHA2 in the Cloud, impossible to decrypt

R
Print jobs tickets stored in Cloud are fully encrypted and use SHA2 Hash
R

Documents released to printers get double encryption: data-encryption and TLS 1.2/1.3 transport flow encryption using state-of-the-art P256 Elliptic Curve certificates

R

Celiveo 365 is not running on any Virtual Machine or dedicated servers, therefore it is immune to Operating System vulnerabilities, does not require OS updates or reboot

R

Celiveo 365 is a Native Elastic App inside Microsoft Azure, benefiting at each moment from all Azure DDOS and advanced security services

R

Even the Celiveo R&D or support teams cannot see / decrypt your documents and users’ data

R

Celiveo 365 is secure 24×7 by a CNAPP, pentested and audited daily against the 14 most stringent security norms, with reports available to subscribers