Local Encryption ... Why Not?

scottalanmiller

If you are using the online version of MS Office, you don't need to pull data down locally to print. So if you were to send me an Excel spreadsheet to print, it would open directly from OWA to Hosted Excel. Then when I tell it to print, it would do it from there. No need for local data for that kind of task, for example.

scottalanmiller

@dafyre said:

@BRRABill said:

@scottalanmiller

So bringing this offshoot back here.

I think I now understand you are talking about, if it makes sense, to store all the data in the cloud, and work on none of it locally.

However, is there is a need to produce something locally, it might be needed to bring it down, and hence you would need to secure it in whatever way deemed necessary.

Right. And then upload it back to your non-local storage after you have finished working with it.

Yup. Hard to come up with real world cases where this would be necessary, though. You have to come up with stuff like "local video editing" where you are using a laptop instead of a workstation and can't do it on a hosted SaaS application. These cases exist, but they are very rare and specialty today.

BRRABill

@scottalanmiller said:

If you are using the online version of MS Office, you don't need to pull data down locally to print. So if you were to send me an Excel spreadsheet to print, it would open directly from OWA to Hosted Excel. Then when I tell it to print, it would do it from there. No need for local data for that kind of task, for example.

When I did that, it made a PDF to download.

Now, granted, this was the free version of Word, and on a Mac.

So perhaps it would work as you say with the full version.

Dashrender

@BRRABill said:

@scottalanmiller said:

If you are using the online version of MS Office, you don't need to pull data down locally to print. So if you were to send me an Excel spreadsheet to print, it would open directly from OWA to Hosted Excel. Then when I tell it to print, it would do it from there. No need for local data for that kind of task, for example.

When I did that, it made a PDF to download.

Now, granted, this was the free version of Word, and on a Mac.

So perhaps it would work as you say with the full version.

What do you mean? you choose the option to print and it didn't print, instead it offered you a PDF?

BRRABill

@Dashrender said:

What do you mean? you choose the option to print and it didn't print, instead it offered you a PDF?

Yes.

I chose PRINT (from WORD ONLINE) and it then said "HERE IS YOUR PDF TO PRINT".

scottalanmiller

@BRRABill said:

@scottalanmiller said:

If you are using the online version of MS Office, you don't need to pull data down locally to print. So if you were to send me an Excel spreadsheet to print, it would open directly from OWA to Hosted Excel. Then when I tell it to print, it would do it from there. No need for local data for that kind of task, for example.

When I did that, it made a PDF to download.

Now, granted, this was the free version of Word, and on a Mac.

So perhaps it would work as you say with the full version.

You probably don't have Office 365 with online MS Office. So there is no online tools for you to use.

scottalanmiller

@BRRABill said:

@Dashrender said:

What do you mean? you choose the option to print and it didn't print, instead it offered you a PDF?

Yes.

I chose PRINT (from WORD ONLINE) and it then said "HERE IS YOUR PDF TO PRINT".

That's super weird!

scottalanmiller

I'd test some more but.... logins for Office 365 appear to be down right now.

Dashrender

@scottalanmiller said:

@BRRABill said:

@Dashrender said:

What do you mean? you choose the option to print and it didn't print, instead it offered you a PDF?

Yes.

I chose PRINT (from WORD ONLINE) and it then said "HERE IS YOUR PDF TO PRINT".

That's super weird!

that's exactly what I was thinking.

time to make a simple word doc and try it.

Dashrender

Holy cow, I got the same thing.

Dashrender

Now my browser does have a PDF viewer enabled in it, so the file opened in the browser, but I'm pretty sure it did download and open locally.

This definitely seems odd, but now that I think about it, makes some sense. Because you're not printing the whole browser window, or even a window within the browser, Word (in this case) needs some way to enforce printing format. Forcing it to a PDF and then requiring the user to use a local PDF view to do the printing does make sense...

Though i wonder if it would have been better to have the print job open in a new Window formatted as desired, ignoring actual window size, etc... and then launching the browser print option - though I'm guessing there it to much chance that printing would not have the correct formatting.

scottalanmiller

Very odd. Although I suppose this helps to highlight that if you go to print, you are exposing things. Printing isn't secure - not from the network side nor the paper side. If you are forced to download a PDF, I guess it would help to remind users that they are doing something inherently insecure.

But why would it do this rather than printing directly?

Dashrender

@scottalanmiller said:

But why would it do this rather than printing directly?

Did you post this while I was editing my previous post?

scottalanmiller

Yes

Dashrender

What do you think of the possible reasons I posted?

scottalanmiller

That seems to make sense. By going to PDF you know that you will be able to get an exact copy rather than something "close-ish."

BRRABill

@scottalanmiller said:

Very odd. Although I suppose this helps to highlight that if you go to print, you are exposing things. Printing isn't secure - not from the network side nor the paper side. If you are forced to download a PDF, I guess it would help to remind users that they are doing something inherently insecure.

But why would it do this rather than printing directly?

Printing can be secure.

Our copier is HIPAA compliant.

You could also just hang a personal laser printer off the box you want to be secure.

My point is that who knows what files these secure browsers are putting on your machine.

When I am going across some crazy border as a spy, I want to be sure. (NOTE: I have barely ever left the US.)

Dashrender

@BRRABill said:

@scottalanmiller said:

Very odd. Although I suppose this helps to highlight that if you go to print, you are exposing things. Printing isn't secure - not from the network side nor the paper side. If you are forced to download a PDF, I guess it would help to remind users that they are doing something inherently insecure.

But why would it do this rather than printing directly?

Printing can be secure.

Our copier is HIPAA compliant.

You could also just hang a personal laser printer off the box you want to be secure.

My point is that who knows what files these secure browsers are putting on your machine.

When I am going across some crazy border as a spy, I want to be sure. (NOTE: I have barely ever left the US.)

I have no idea what you're talking about crossing borders...

But Scott's point is still valid. Once you print the paper the information is no longer secure. it can go anywhere, everywhere with no tracking.

How is your copier HIPPA compliant? Because the drive is encrypted and requires a username/password to get into the drive? Sure that makes it HIPPA compliant, but does not make it secure. If this was a high value target, someone could install a tap on the network connection and probably capture the prints in transit. I'm not aware of any printer that has a driver that uses SSL, though I'm sure there are some out there today.

BRRABill

@Dashrender said:

I have no idea what you're talking about crossing borders...

Was an IT joke. Poor one, perhaps.

Like if I was a spy.

BRRABill

@Dashrender said:

But Scott's point is still valid. Once you print the paper the information is no longer secure. it can go anywhere, everywhere with no tracking.

Not really. It is still trackable, and considered secure in the US Mail since it is a federal violation to tamper with that.