Hot Minute Ep. 93 - iCE LiNK Security

Show Notes

In this episode of Hot Minute, Bryan is joined by Katsushi Kaneda of the Workflow Design team to talk about the security behind iCE LiNK.

Topics:
・What security measures does iCE LiNK have?
・Can a machine get hacked?
・What does data does Horizon see?
And more!

Want to know more about Kaneda-san and the Workflow Design team? 

Listen to episode #68

＊＊＊＊ What is Hot Minute? ＊＊＊＊
#1 Hot Minute Introduction  
https://www.buzzsprout.com/1245734/10456703

Hot Minute is for any official Horizon distributor so please feel free to share it within your respective company circles (please refrain from sharing it on social media or to those who aren't a Horizon dealer).

＊＊＊＊ Past Episodes ＊＊＊＊
#92 - Behind #HistorywithHorizon

Public #4 Herbert Cheong and #HistorywithHorizon

Public #3 Ryuji Kinugawa and #HistorywithHorizon

#91 - Drupa 2024 Update #3

#90 - Freshman Spotlight: Himeka Yokoyama
 
#89- IFS Technical Service Training

Public #2 - #HistorywithHorizon ft. Hideharu Hori

#88 -  Creating Greeting Cards with the RD

#87 -  Smart Factory Webinar #7 & Solution Catalog

#86 - iCE LiNK Data & Service Reports

Public #1 - Eijiro Hori's #HistorywithHorizon

#85 - #HistorywithHorizon

#84 -  2023 in Review

#83 -  User Visits in China

#82 -  Member Spotlight: Adrienne Culley

#81 -  Smart Factory in Action & Webinar

Transcript

【INTRO】

【Bryan】

Welcome to another episode of Hot Minute, I’m joined with Katsushi Kaneda of the Horizon International Workflow Design team to discuss iCE LiNK security. Thank you for joining me today Kaneda-san!

【Kaneda-san】

Hello everyone!

【Bryan】

Before we jump into today’s topic, could please give us a brief introduction of yourself and the Workflow Design team?

【Kaneda-san】

Hello everyone, I'm Kaneda. I belong to the Workflow Design Team, where we design processes such as MIS, prepress, and finishing to create efficient workflows for post-processing.

I possess skills in JDF, prepress, cloud, and of course, networking knowledge, necessary for building these workflows. Drawing from my experience in marketing cloud products at a previous manufacturer, it is our team's role to propose solutions to you based on these essential skills.

【Bryan】

The Workflow Design team is essential for the future of our iCE LiNK and smart-factory tech integration. Now onto today’s topic: iCE LiNK security. I know that this is a subject that’s on the mind of all our partners and users, maybe the easiest way to begin explaining this is with some roleplaying: are you ready Kaneda-san?

【Kaneda-san】

It's all right

【Bryan】

Alright, so let’s pretend that I am a potential customer and you are one of our dealers, ok?

“I’m very interested in your Horizon iCE LiNK, but I’m worried about security? We need to make sure our job data and information is safe and won’t be leaked or stolen.”

As the dealer, what is your response?

【Kaneda-san】

Ohayo gozaimasu Bryan-san!

First, let me explain the basic information: iCE LiNK is provided as a SaaS (Software-as-a-Service) and follows the public cloud model. iCE LiNK utilizes the AWS cloud environment and is deployed across three locations. 

【Bryan】

So Amazon Web Service is… 

【Kaneda-san】

“AWS,” yep.

Since iCE LiNK is provided via the cloud, security policies are of utmost importance. The security policy of iCE LiNK follows AWS's security policy, leveraging expertise in security measures and maintaining cloud environment services.

 

Now, I will explain the key points to ensure security, as mentioned in your question.

1. Use of robust encryption technology: Horizon iCE LiNK ensures data security by employing the latest encryption algorithms. Data is stored encrypted, safeguarding it from unauthorized access. iCE LiNK uses secure ports, with browser access utilizing TLS 1.3. Moreover, Horizon devices and edge PCs transmit information to the cloud using proprietary encryption protocols, also employing TLS standards. It's essential for users to have facilities such as DMZ or proxy servers to maintain security on the network route accessing the WAN environment. Incorporating antivirus solutions like UTA is also effective.

2. Implementation of access control: Access to the system is managed following strict access control policies, ensuring unauthorized users cannot access confidential information. While iCE LiNK sets password registration criteria to combinations of eight or more characters, it's crucial for introduced users to manage access control policies.

3. Regular security audits: Regular security audits are conducted to identify and address vulnerabilities and security risks in the system. This ensures compliance with the latest security standards and addresses threats. Utilizing AWS's cloud environment, we determine that regular security audits are met. Additionally, iCE LiNK undergoes regular audits, and if any vulnerabilities are identified, updates are provided accordingly.

4. User education and training: Training is provided to users to enhance their security awareness, ensuring familiarity with security policies and best practices. This fosters a culture of security within the organization, preventing security breaches. It's essential to conduct training sessions with external security firms or IT departments to raise awareness not only for providers but also for users.

By implementing these measures, Horizon iCE LiNK ensures the safety and protection of customer data

and information.

【Bryan】

So to review the four points you just went over:

1. We use a robust encryption

2. Implement access control

3. Regular security audits

4. User education and training

In general, what concerns should printers have when using workflow/management software like iCE LiNK?

【Kaneda-san】

Since accessing external networks from internal networks, it is necessary for users to establish security measures and antivirus protection in their network environment.

【Bryan】

Why are these NOT concerns with iCE LiNK?

【Kaneda-san】

We provide the environment I explained earlier, so there is no need for concern.

【Bryan】

What data is shared from devices that are connected to iCE LiNK?

【Kaneda-san】

The machine's device status, life counter, set data, error information, and other data are included. Since iCE LiNK provides data acquisition and analysis results related to post-processing, there is no way to access information about the customer's brand owner. Therefore, such concerns are avoided.

【Bryan】

What data can Horizon see? And for what reasons are we using them?

【Kaneda-san】

Horizon utilizes the understanding of machine device status, life counters, set data, error information, and more to support error frequency analysis and user support, generate regular reports for providing feedback on developed products and improvements, and facilitate enhancement efforts.

【Bryan】

How is the data we receive protected?

【Kaneda-san】

Safely protected within AWS's cloud centers with robust security measures.

【Bryan】

With the Amazon Web Service we can guarantee high level security.

This may be a stupid question, but could Horizon devices connected to iCE LiNK be hacked into and made unusable or something?

【Kaneda-san】

The likelihood of that is quite low.

To prevent device hacking, connections are routed through edge PCs. Furthermore, the information between the edge PC and the device is encrypted with proprietary encryption.

【Bryan】

Is iCE LiNK available for users that don’t want to be connected to the cloud?

【Kaneda-san】

We can provide an on-premise version.

However, since the benefits of the cloud will be lost, on-site support becomes essential.

【Bryan】

They’re not connected to the cloud so we can’t see any errors or other sorts of things going on.

Any other information or points I’m missing?

【Kaneda-san】

Maintaining high security is crucial for both Horizon and user awareness of security. Additionally, iCE LiNK's security policy is documented in a white paper. If needed, please feel free to contact me.

【Bryan】

Sound great Kaneda-san, I think that does a great job on introducing the security that goes behind maintaining iCE LiNK. Thank you for your time today, it was a pleasure talking to you.

【Kaneda-san】

Thank you Bryan-san

【OUTRO】