10 Replies Latest reply on Aug 5, 2015 5:49 PM by Paul LaFollette

    Hosted part of new products = can't use anymore.  Anyone else?

    Yadin Flammer Navigator

      I'm looking to gather community voice on this issue.  If you're not aware yet, the new Beacon product is at this time hosted only, and portions of Uniprint 9.1 and the new mobile print version are also planned as hosted only.  The hosting is on Amazon S3 storage.  For us at Penn State, this means we can not use the products at all and would have to find a new print solution.  Obviously that's not a trauma we want, and I've detailed the issue with Pharos already, but I'm looking to see how many others in the community have this as a total stop issue.  I'm hoping with enough community backing we can get development to shift and offer a local option.


      To detail this further, PSU data categorization policy prohibits (in general) certain data from being in 3rd party hands.  With the Pharos products mentioned, this includes IP address, user info, and financial data.  The additional issue is that even if PSU came to a legal agreement with Pharos over their access to this data, it has already been declared that storing any of this data with Amazon's service (which is where Pharos is hosting these services) is not allowed.  So for us, it's a total stop if things go hosted because we can't use the product in that space. 


      Since Uniprint 9.0 and Mobileprint 2.0 ARE local, our push is to have Pharos reconsider this black and white move and offer the new versions in EITHER local (for folks like us who have data regulations), OR hosted (for people who want to reduce infrastructure and have no such concerns on the data in question).  I recognize Beacon may be a no go as it was never intended to be local, and we'd have to accept not being able to use that new product, but Uniprint is not a product we want to lose after 8 years of use, and the new Mobileprint stuff is great so we'd hate to lose that as soon as it started.


      So, does your institution have the same brick wall issue over data regulations?  Or do you still have lax enough policies you'll be able to run this?  But if so, do you have concern rules like ours could come in the near future and then suddenly jeopardize your printing solution?

        • Re: Hosted part of new products = can't use anymore.  Anyone else?
          Mark Robertson Ranger

          This is my concern also.  I have just begun looking into the legal concerns as far as the campus is concerned. 

          I, too, am curious to see what other campuses are going to be able to do with these cloud based services.  Cloud based services are the growing trend and even some of our library catalog systems and services are cloud based now. 


          It will be interesting to see the other replies.

          • Re: Hosted part of new products = can't use anymore.  Anyone else?
            Bill Kasper Guide



            As I've been doing discovery about implementing Beacon this week, I've run into the same issues.  I really, really don't want to have to change from Pharos, but PII and HIPAA data moving from desktops to the cloud and back are big NO NOs here.  I am already going to have to have big disclaimers on using the email/pdf process for MobilePrint, because our mailto address is a Google address (they host our email).  Not that most people are going to want to send that kind of attachment, but if they do, and it gets sniffed, and PII data is released, UCSC does NOT want to have the indemnification.


            That said, we do have some very select operations going on Amazon's S3 cloud.  Whether Beacon/Uniprint-in-the-cloud is one of them will be hashed pretty hard the next few months.  I don't know if the PII/HIPAA data will be the deal breaker.


            I'd much prefer to have both options, rather than just one.  I can see a future where many customers in our boat must move to something like Equitrac, in order to keep the operations on the ground.  That would be a huge loss of knowledge, time, money, etc., not to mention custom for Pharos, Inc...

            • Re: Hosted part of new products = can't use anymore.  Anyone else?
              Paul Reddy Wayfarer

              Hi Yadin Flammer,


              First... thank you for raising this topic and getting the conversation going - I appreciate any and all feedback! It was also great to meet you at the Pharos User Conference.


              To clarify our current products at Pharos...


              Beacon Fleet Manager and Print Analytics are cloud only products. They are designed to have a very low cost of install and footprint to help customers assess and manage their print fleet and print costs. Beacon Fleet Manager only records device information, which is generally less sensitive. Beacon Print Analytics does record user print data, but you can elect to not record sensitive information about users if required.


              The Uniprint Connector for Beacon also collects user data from Uniprint and transfers it to Beacon Print Analytics.


              If you have any concerns about Beacon and its security, have a look at our Data Security Whitepaper. Also Pharos has a team that can work with your security team to clarify and modify what data is collected as necessary to stay within your organization's data policies


              Uniprint 9.0 is an on-site product. It will be fully supported for at least two more years - meaning it will get all bug fixes and security updates. We may also bring over future features from 9.1 if needed.


              Uniprint 9.1 is the first iteration of Uniprint with some of the features moved to the cloud. As a customer, you get reduced install complexity, reduced infrastructure requirements and automatic upgrades (i.e. we take care of it for you).


              The Uniprint 9.1 design avoids any permanent storage of sensitive customer data in the cloud. The only temporary data held is for the purpose of caching of requests for performance or to allow delayed processing.


              Differences 9.0 - 9.1


              Please note that the only major difference between Uniprint 9.0 and Uniprint 9.1 is the movement of some capabilities (Pharos Print Centre) to the cloud, so there is no pressing need to move to Uniprint 9.1 from 9.0. You have time to assess your strategy and work with us on the best solution.


              On to the discussion...


              Yadin has raised an excellent question... does it make sense to move some parts of your print services to the cloud? We are very interested to hear any and all discussions on this topic, and on your use of the cloud in general.


              From our side - we believe that excellent cloud services like Box.Net, Office 365, OneDrive, Google Apps and many others will only increase the impact of the cloud in our work environment. The steady increase in cloud capacity and quality of cloud solutions will drive more and more workloads to it. We also believe that businesses and education institutions are interested in reducing cost and infrastructure - and the cloud can assist with that. At Pharos - our accounting data is in NetSuite and our files are in Office 365/OneDrive. A few years ago I never would have believed that possible, but it works well.


              However, we do understand that PII, HIPAA and other frameworks create a challenge in needing to control and secure sensitive user and financial data. We are working on ways to address that, while still taking advantage of cloud services.


              We also understand the need to keep essential services running, even in the presence of internet or cloud failure. We are also looking very closely at this - any cloud based print solution must be resilient to transient network failures - we must keep printing up. We understand the crucial nature of your print infrastructure and we will meet this need.


              I want to work with customers like yourselves to help shape the product to meet your needs. I look forward to the discussion - and thank you for being involved, and for being a customer.


              Paul Reddy

              Founder, Product Portfolio Director.

              1 of 1 people found this helpful
                • Re: Hosted part of new products = can't use anymore.  Anyone else?
                  Mark Robertson Ranger

                  Thanks for the reply Paul.


                  I see many more advantages to the cloud solution than drawbacks so I intend to keep a close eye on the discovery process and the innovation to be coming our way.


                  I still worry about the campus IT security guys throwing a fit....so it is nice to know that Pharos will work directly with them to alleviate their concerns.  (Not being an IT guy, sometimes I don't even know the language, so a translator will be of great help!)






                  • Re: Hosted part of new products = can't use anymore.  Anyone else?
                    Bill Kasper Guide



                    Thanks for that.  As Mark says, it's the IT guys going berserk we have to worry about.  In a corporation, especially as one of its leaders, you have the right to do what you want (within the shareholder/etc. context).  Here at the Uni, we have no rights, they're all down to what IT is willing to let us do.  For example, I am having to move cautiously and have multiple discussions about deploying a device scout on our Class B subnet, because if I scan at that level they'll shut down the port thinking it's some kind of phishing or other scan that is trying to breach the network.  At Pharos, with your cloud usage, and with what you've agreed to put up on the cloud, you don't have to worry about your IT folk shutting you down.


                    And here in the US, ePhi/HIPAA/PCI data breaches are taken very seriously.  In an earlier incarnation at UCSC, I was responsible to try and get credit card payments through EFI's Digital StoreFront.  In the end (after many months of discussions with our data security team, accounting, and campus counsel) we couldn't do it because EFI weren't PCI-DSS compliant front to back, and wouldn't indemnify us against breaches (and the University was damned if they were going to self-indemnify).


                    I think it's also a fairly complex issue from university to university, and state to state.  We have rules from our top governing body (UC Office of the President), and amended rules here at UCSC, and particular rules based on our setup that come from the IT group.  The pathways to usage are going to vary even within our state between UCs, and are going to vary even more between UC and, say, University of Illinois or the Pennsylvania State University.  Flexibility of implementation, and strictest measures, are most likely to bring the largest coverage for success.




                    • Re: Hosted part of new products = can't use anymore.  Anyone else?
                      Chris Axtell Navigator

                      There are many pros / cons with regards to on-premises vs "cloud" based solutions. As previously mentioned there's the whole university policy / HIPPA / PCI and other rules, policies, and laws which must be abided by. Additionally there is the concern of network bandwidth / congestion possibilities between client and service provider source. For locations that have multiple paths to cloud service providers, off-campus bandwidth utilization may not be a major concern. For locations that have constrained paths to cloud services, having the option available to offer the same services on-premises would be desirable.


                      Personally I'd consider it a strong opportunity to offer Uniprint as both cloud based (where applicable for the sub-components) or as a fully locally hosted on-premises solution and let each individual site develop a deployment analysis to determine which solution model works best in accordance to the policies, rules, laws, and other guidance principals required for that site.


                      At this point if I had to choose between the two I'd select the locally hosted on-premises solution even if that means staying behind a revision.


                      Have a great day,


                      1 of 1 people found this helpful
                    • Re: Hosted part of new products = can't use anymore.  Anyone else?
                      andrew Tracker

                      I see I'm joining this a little late. I found it linked here.


                      I am one of "those IT guys" who tends to "go berserk" when people (vendors and end users) try to circumvent the rules and push products like Uniprint into a space where:

                      A. we were never informed of an intent to go

                      B. we were never invited to explore that pathway

                      C. the vendor and end users have pre-determined that it's "a done deal" despite A. and B. above.


                      Therefore, I'm feeling a bit boxed in on this discussion. My institution is fighting "cloud technology" tooth and nail for a variety of reasons, but mostly because the benefit largely lies in the profit margin for software and cloud vendors, and not in actualized returns for our institution. To whit, those services we have had no control over moving to the cloud have been nothing but thorns in our sides, with abyssmal service records despite promises of zero downtime; with growing pains to newer versions doubled and tripled from past experiences despite promises of seamless, unworrisome upgrades; and with functionality crippled in cloud based clients despite promises of improved functionality.


                      All this makes us very disinterested in moving print services from any vendor "to the cloud". I find it very disappointing, then, that Pharos appears to have chosen to take their tools (Pharos Administrator, Pharos Remote, Pharos Reports) to the web where they belong, but only if I choose to go cloud-based. If I stay self-hosted, they have to stay thick-client. What a disappointment, if correct. I am not the smartest sheep in the herd, but I know a boxing maneuver when I see one.

                      Please prove me wrong, Pharos. Please. Don't shove us into the cloud box; let us be free to make our choices with full functionality and full-range implementation choices.

                        • Re: Hosted part of new products = can't use anymore.  Anyone else?
                          Jeff Herald Guide



                          We are not forcing people to the 'cloud'.  We've received plenty of feedback from some customers that this isn't the direction everyone wants to go.  However, we've also received plenty of feedback from other customers that DO want this option.  The market indicates that off-premise solutions are in demand and that demand is growing.  No, not with every customers, but we would be falling behind if we didn't address it.  There are many advantages to this model, like keeping the product updated for many customers at the same time.  There are some disadvantages too, so we will need to be supportive of both point's of view. 


                          The newest Uniprint version, 9.0 R2, is a premise-based solution, that will provide optional new features to be hosted in the 'cloud' in the future.  The new features we provide may be both on-premise, and/or cloud-based depending on the platform required.  Customers will not be required to use cloud-hosted services.  We are listening to all of our customers, and are working to provide solutions and features desired.  Your comments are not falling on deaf ears, we understand and value you input.  Thank you.


                          -Jeff Herald - Pharos Systems

                          Technical Product Manager - Uniprint and Mobile Print

                        • Re: Hosted part of new products = can't use anymore.  Anyone else?
                          Paul LaFollette Guide

                          My "take" on this ...


                          While not opposed to 'cloud' based services, we do have areas/groups/needs where having any data travel out (to a cloud resource) and back would be very frowned upon if not totally rejected.  I, like may other Uniprint admins, are driven to try to provide an acceptable solution to ALL of our users, thus premise-based solution is preferred.  Having said that, Mobile print solutions are, by the mere fact it's a "mobile" solution, are acceptable in a off-premise setup as long as acceptable security steps can be in place ... along with maintaining high performance.


                          Just this week, I was tasked with providing a print solution (for three whole days) for a small group who were auditing a department.  The choices were to provide a print connection through their current server connects (their own remote servers, not part of our systems) or direct to the printer with guaranteed (practically in blood) assurance all data would be purged from the printer's memory.  We ended up handing them a printer and a USB cable.  There is no possibility of putting that kind of data security in a 'cloud' setup, not to say you can't do it more securely than by USB cable ... but because the end user may not be comfortable otherwise... and keeping the end user comfortable is important.


                          Maintaining high performance with minimal downtime, thus providing fast results for the users, are the primary driving needs ... followed by security demands.  These two items are driving factors for me preferring premise-based solutions, at least at this time.


                          - Paul L.