Sharp Synappx Go, Synappx Meetings User Manual

Security White Paper for Synappx Meeting and
Synappx Go
Contents
Synappx Go and Synappx Meeting Applications .......................................................................................................... 2
Security White Paper .................................................................................................................................................... 2
1. Introduction .......................................................................................................................................................... 2
2. Overview of Architecture ...................................................................................................................................... 3
3. Synappx Cloud Services ........................................................................................................................................ 4
4. Synappx Admin Portal ........................................................................................................................................... 5
4.1 Role Based Access and Log in (For Admin Portal and Clients) ...................................................................... 5
4.2 Auth0 (Identity Service Provider) .................................................................................................................. 6
4.3 Granting Synappx Application Privileges ...................................................................................................... 6
4.4 Importing Users or Workspaces from Azure AD ........................................................................................... 8
4.5 Synappx Go Agent Downloads....................................................................................................................... 8
4.6 Synappx Reports ............................................................................................................................................ 9
5. Windows and Apple Mac Clients for Synappx Meeting ........................................................................................ 9
6. Synappx Go and Synappx Meeting Mobile ......................................................................................................... 10
7. Synappx Go NFC Tags .......................................................................................................................................... 11
8. Synappx Go MFP Agent....................................................................................................................................... 11
8.1 MFP Agent Install ......................................................................................................................................... 11
8.2 MFP Agent Communications ....................................................................................................................... 12
8.3 MFP Agent Requirements ............................................................................................................................ 12
8.4 MFP Agent Device Discovery ....................................................................................................................... 12
8.5 MFP Agent Print Release and Scan Documents .......................................................................................... 13
9. Synappx Go Display Agent .................................................................................................................................. 13
9.1 Display Agent Installation ............................................................................................................................ 13
9.2 Display Agent Communication .................................................................................................................... 14
9.3 Display Agent Contents Share ..................................................................................................................... 14
10. Corporate Security .......................................................................................................................................... 15
11. Corporate Policies and Practices .................................................................................................................... 15
12. Sharp Administrator Access of Data ............................................................................................................... 16
13. Sharp Privacy Policy ........................................................................................................................................ 16
14. Summary ......................................................................................................................................................... 16
Synappx Go and Synappx Meeting Applications
Security White Paper
1. Introduction
Overview
Synappx Go and Synappx Meetings are collaboration, productivity and analytics applications and services. They are protected by a robust, layered security system to ensure the system and its components are not opening points of vulnerability for your data or networks. Through a combination of world-class technology providers including Microsoft Azure, G Suite and security best practices, your use of the Synappx services helps keep your information safe and secure while helping you enhance productivity in your office.
Security provisions related to Synappx are described in this white paper.
Synappx Go
Synappx Go is a mobile-centric service leveraging Near Field Communication (NFC) to enable convenient and time­saving scanning to favorite destinations and print release or printing cloud files to Sharp multifunction printers (MFPs) throughout your office. You are also able to use your mobile phone and app to select and download cloud content to the Sharp display via an NFC tap. Synappx Go cloud software and services leverage the Microsoft Azure database, device provisioning, IoT Hub and many other services.
Synappx Meeting
Synappx Meeting leverages the Azure cloud, rich clients, mobile and voice technologies to help users start meetings on time and be more efficient. With one click of a button, key meeting components are connected. Your PC is automatically mirrored to the Sharp meeting room display, the web conference starts automatically, and you can access meeting materials. Voice commands can be used to save time for common meeting actions. Synappx Meeting uses Microsoft Azure database, storage, Azure functions and more.
2. Overview of Architecture
The following is an overview of the Synappx Platform (powered by Microsoft Azure) including the Synappx Go and Synappx Meeting service components and architecture:
3. Synappx Cloud Services
Synappx Meeting and Synappx Go leverage Microsoft Azure cloud platform services as a foundation for the Synappx Cloud services. Microsoft Azure is a highly respected global cloud service with a wide range of features that are used by the Sharp Synappx product family, including the Azure Cosmos database, storage, several IoT Services, Key Vault, Security Center monitoring, backup and more.
Synappx solutions are hosted in secure Microsoft data centers located the U.S. Microsoft Azure Cloud and data centers are protected through Microsoft’s security practices. Each data center provides local data redundancy. In addition, all communication between the Sharp Synappx applications and Synappx Cloud services (hosted on Microsoft Azure) are encrypted via HTTPS (TLS v1.2, AES256), secured through X.509 certificates or MQTT (used by the MFP and Display Agent).
Access to all the Synappx cloud services from client applications require secure keys, certificates, or authentication tokens. After purchasing a Synappx service, each customer is assigned a unique certificate for communications that is stored in Microsoft Key Vault to enable secure, customer-only access. Synappx Azure database access is limited to white listed IP addresses from secure Azure App Services. Microsoft Key Vault is used for storage of SSL certificates, X.509 signing certificates, private keys, and other content requiring the highest security. Access to Microsoft Azure Key Vault is limited only to Sharp service principals and system users with associated access permissions.
Synappx Go and/or Synappx Meeting customer specific data stored in the secure Azure cloud databases include the following:
Both Products:
User first name, last name and email address (imported from Azure AD orG Suite to Synappx by Admin)
Admin user first name, last name and email address (imported from Azure AD or G Suite to Synappx by
Admin)
Workspace (meeting room) names, email addresses and locations imported from Microsoft Outlook or G
Suite Directory to Synappx by Admin
Manually added workspace names and locations
Company domain aliases from Azure AD and G Suite
Application usage data to generate reports for Admin use
Synappx license data (e.g. expiration)
System logs
Synappx Meeting Specific:
Display IP address and port (if configured by Admin)
Optional Display account ID and display password (if configured by Admin)
Casting sender type, IP address and PIN (if configured by Admin)
Meeting name, actual meeting duration (start time and end time), meeting location name, attendee name
and attendee email address
Synappx Go Specific:
MFP information (model name, IP address, serial number) discovered via Admin initiated SNMP discovery
MFP Agent information (computer name, computer ID, version number, update policy, date last updated)
Display Agent information (computer name, computer ID, version number, update policy, date last
updated)
NFC tag information (tag ID, type) associated with Admin configured devices
Data in Synappx databases is only accessible to licensed customers via the Synappx applications and limited Sharp staff if required for support purposes.
Overall, Sharp governance of the Synappx cloud services limits system access to minimal staff for deployment and support purposes. See Sharp security policy sections for more details
For more information on Microsoft Azure security, see the following links related to features used by Synappx services:
Overview: https://docs.microsoft.com/en-us/azure/security/security-white-papers
Data Encryption at Rest: https://docs.microsoft.com/en-us/azure/security/azure-security-encryption-atrest
Azure Network Security: https://docs.microsoft.com/en-us/azure/security/security-network-overview
Azure Functions and Serverless Platform Security: https://docs.microsoft.com/en-us/azure/security/abstract-
serverless-platform-security
Azure Storage Security Guide: https://docs.microsoft.com/en-us/azure/security/security-storage-overview
Security Management in Azure: https://docs.microsoft.com/en-us/azure/security/azure-security-management
Azure Management-Governance: https://docs.microsoft.com/en-us/azure/governance/
4. Synappx Admin Portal
Administrators (Admins) for Synappx Meeting and Synappx Go configure and manage the Synappx system through the Synappx Admin Portal web pages. Adding workspaces/meeting rooms, users, devices, additional Admins and more are performed via these secure web pages. License management is done via the Admin Portal and license status can be viewed here. Reports help demonstrate Synappx system usage and business value. Downloads (for Synappx Go) are conveniently accessible via these pages. System logs can be downloaded.
4.1 Role Based Access and Log in (For Admin Portal and Clients)
Access to the Synappx Admin Portal system is controlled using tenant-based and role-based authentication processes. Users are set up in each tenant and are associated with a specific customer account and in accordance with their usage roles and permissions. The initial Administrator is identified as part of the purchase order process. Additional Admins can be added after successful log in to the Synappx portal by the initial Admin.
Only Admins designated or assigned by the customer can access, configure, license, manage Synappx service users and workspaces, view reports, etc. for their account via the secure web portal. All communications with the Admin Portal are via HTTPS/SSL (TLS1.2) port 443 to protect data in transmit.
Synappx Meeting and Synappx Go leverage Admins and users’ Microsoft 365 or G Suite credentials to avoid having to set up, manage and protect separate Synappx log-in credentials. By design, Synappx services do not have access to Microsoft 365 or Google G Suite customer passwords. The system leverages Azure Active Directory or G Suite Directory and relies on authentication tokens to identify Admins and users (for client access). The user identity is confirmed with your Microsoft Azure AD (for Microsoft 365accounts) or G Suite Directory (for G Suite accounts) through a secure identity partner Auth0 (see below) and user passwords are never stored in the
Loading...
+ 12 hidden pages