Cyber-Secure SaaS Printing
Celiveo 365 protects your information
Celiveo 365 has been entirely designed to ensure your documents and your users information is protected in the Cloud, in transit and on your printers.
- Its core architecture is based on the Zero-Trust-Access technology where any communication is considered hostile unless proven otherwise.
- Our engineers designed the back-end Cloud infrastructure so that no usable user or documents data can be accessed by hackers, even if they get to the database or documents storage.
- We guarantee full separation of data: each account benefits from a dedicated SQL Server database and can only access this one.
- Documents and print jobs data stored in Cloud database are AES256-encrypted with dynamic keys
- No end-user information is stored unencrypted in the Cloud, and no credentials are used anywhere by Celiveo
Zero-Trust-Access architecture is the only way to truly secure information:
Subscription for Celiveo 365 can only be performed by administrators with appropriate rights in AAD, using their Microsoft login. No email-based subscription is used, it is too insecure.
Printer Administrator and Printer Technician get automatic access to Celiveo 365 web portal thanks for Microsoft Single-Sign-On. No login/password or secret keys are ever used, they are too insecure.
All communication to the Cloud rely on multi-level ECC-P256 Elliptic Curve certificates, members of a unique certificates tree specific to the account. They identify each node properly upon connection and no communication can happen without proper vetting. Beyond identification and secure access they are also used for TLS encryption of all flows to and from the Cloud. Using certificates allows instant revocation, in example when a printer or PC is decommissioned.
Documents are encrypted using AES256 with dynamic keys that depend from the certificate of the requesting party, encrypted files are furthermore stored in Azure blobs and locked for the destination IP address.
24×7 Security and Compliance audits
Celiveo 365 development and SaaS benfit from the highest security against cyber threats and vulnerabilities:
- A development security operations (DevSecOps) solution that unifies security management at the code level with triple analysis and validation in the compiling pipeline: SAST, DAST and SCA plus a final antivirus scan
- A cloud security posture management (CSPM) solution that surfaces actions to prevent breaches
- A cloud workload protection platform (CWPP) with specific protections for elastic apps, storage, databases, and other workloads
Furthermore the Celiveo 365 SaaS security is audited daily for full compliance with the most stringent security standard, Celiveo 365 subscribers can request the copy of the following compliance reports, any day of the year:
- SOC TSP
- SOC 2 Type 2
- ISO 27001:2013
- Azure CIS 1.4.0
- NIST SP 800-53 R5
- NIST SP 800 171 R2
- FedRAMP H
- FedRAMP M
- UK OFFICIAL
- UK NHS
- Canada Federal PBMM
- New Zealand ISM Restricted
- New Zealand ISM Restricted v3.5
- Australian Government ISM Protected
This is true data security, to compare with what other Cloud Print solutions propose:
Real Zero-Trust-Access Cloud architecture, using Cert chains to identify and authenticate endpoints and traffic before any data is communicated
One PaaS SQL Server database per account, no shared database
Full AAD/Entra ID Single-Sign-On, MFA security and no admnistration overhead
Complies with GDPR, CCPA, LGPD, POPI, HIPAA, FCRA, FERPA, GLBA and PDPA privacy laws
No personal user data stored in the Cloud when only advanced Secure MFP are used
User ID-Code and card numbers are stored as a SHA2 in the Cloud, impossible to decrypt
Documents released to printers get double encryption: data-encryption and TLS 1.2/1.3 transport flow encryption using state-of-the-art P256 Elliptic Curve certificates
Celiveo 365 is not running on any Virtual Machine or dedicated servers, therefore it is immune to Operating System vulnerabilities, does not require OS updates or reboot
Celiveo 365 is a Native Elastic App inside Microsoft Azure, benefiting at each moment from all Azure DDOS and advanced security services
Even the Celiveo R&D or support teams cannot see / decrypt your documents and users’ data
Celiveo 365 is secure 24×7 by a CNAPP, pentested and audited daily against the 14 most stringent security norms, with reports available to subscribers