2021: Printing in&out of the office, the Smoke and the Cloud

| 12月 17, 2020 | Cloud, Covid, Covid-19, 首页, Microsoft, Universal Print | 0 条评论

How a global and terrible pandemic impacted one of the slowest industries but created a unique opportunity for a radical change in 2021 thanks to the Cloud

What high-tech industry has had no significant consolidation for the past 20 years, and besides speed and size, no significant change? Not many, and office printing is one of them. There are as many vendors as 20 years ago and the last consolidations were the purchase of Samsung Printing division by HP in 2017 and the merging of Konica and Minolta in 2003. Then Xerox tried the hostile takeover of HP but the Covid-19 had the last word, it was cancelled.

The core reason for printing being quite a static industry is that technical limits have been reached since a long time. Who needs a 4800dpi quality or 80 pages per minute to print a spreadsheet? Most printer vendors invested heavily in services, through managed print services and document solutions where the printer is just an entry or exit point for information. Print Management solutions market grew in popularity for two reasons, to keep the printer fleet and its cost under control, and to make it easy and safe for end-users to output documents on corporate office printers. But the revolution will not come from printer vendors, it will come in 2021 from the Cloud and the Covid-19 pandemic has been the catalyzer for that revolution.

Printing in the new normal office world

Bars and restaurants were forced to close during the pandemic but it is expected people will go more to those places when the crisis is over, partly to forget the past terrible months and restore social links. Office floors were partially or fully shut for months, and they will never be the same as the crisis forged the proof that a company can run with a limited on-premise office presence. And because office printers are on office premise, a combined effect is expected: overall print volume in the office shrunk drastically, the home office printing grew, and the future corporate office floors will need less network printers since they are much smaller.

Home office printing is the very interesting part of the equation. In the past companies provided VPN access to employees working from home. With the rise in security issues and the sudden need to have nearly all employees working remotely, the connection endpoint shifted from intranet VPN gateways to public Cloud where more and more apps are relocated. The corporate network becomes an “outward communication-only” highly secure environment and all users, whether they are on premise or at home, connect to a public Cloud.

This is exactly the value proposition of Salesforce and other similar vendors, and the lack of pure Cloud offer by SAP hit severely the company market value in 2020. Because applications are shifting away from the corporate office servers and users work much more from home and shared offices, the print architecture has to adapt, and the Cloud becomes its center. Using a print management solution hosted on a VM or server inside the company intranet becomes totally irrelevant in the “New Normal” world.

Smoke is not even a small Cloud

Printing has been on the Cloud radar for the past ten years, but Cloud-based print management solutions have been much more Smoke than Cloud until 2021, where a revolution happens.
Google has been the first to propose a true Cloud printing infrastructure, Google Print. That solution was introduced in 2011 as a beta release, was a real success although it was apparently never released as an official production product until it shut down the 31st of December 2020. What end-users liked is the ability to just plug a printer on a network with Internet access and be able to print, nothing fancy but very efficient and stable, no server or driver to setup/update/maintain/troubleshoot. But the trade off for that simplicity was that it did not provide the features expected by corporate IT in term of print jobs retention, encryption, tracking, rules etc. and those make a very significant difference on the actual cost of a printer fleet and the ability to fine tune that fleet.

Some print management solutions then tried to fill the gap and go Cloud, with limited success. Those offers were merely smoke to surf on the Cloud hype, not really a solid, secure and scalable strategy otherwise they would be the king of the industry today. So why has corporate printing been so difficult to migrate to Cloud? Three main reasons: complex security, IT complexity and lack of high-availability.

Security for documents content and delivery points

Printing in a corporate environment is about marking permanently on paper the most useful information. If information is not important, it is normally not printed and non-critical information such as coffee-talk topics list is now just paperless on web portals such as Teams.

A user who prints wants to feel safe that printing will succeed (no stress such as “will it work this time?”) and that his print job won’t be accessible to any unauthorized user, internal or external. Cloud printing is mostly acting like a multi-tenant black box spooler hosted somewhere in one or more VMs. End-users do not really know where those print spool files are stored, if they are really deleted after processing, if the Cloud app publisher/maintenance/IT staff can access them, what logs are kept etc. For solutions that feature the card authentication for printers and MFPs to unlock the access and allow pull print, then the question about personal data protection and country of data storage also applies. Who can access that user information data, could the user card number be copied to another user record to spoof the system?

Most of those fears are probably justified as some solutions are merely a “one client – one print management VM in the Cloud” solution that do not really answer the “can I trust those who can access the VM?” and “what about VM vulnerabilities and updates?” questions. If all print jobs flow through a compromised Cloud spooler, they can easily be automatically selected through keywords and hijacked, with a similar pattern as for the unfortunate SolarWinds Trojan horse attack discovered in December 2020. And it is probable very few, if any, of the print management vendors have the required IT security team to guarantee the integrity of their VMs hosted in any Cloud vendor, as security has become a full-time business in the 21st century. Many CSO will also rightly refuse to open ports on their corporate firewalls to allow the Cloud to communicate with printers on premise or establish a VPN that instantly become a penetration risk.

A Print Cloud solution can only be trusted when there is no independent environment (no VM, no gateway) and the whole solution relies on APIs and certificates. And this is exactly what Google Print was about, therefore its robustness and simplicity.

IT Complexity

The main Cloud adoption driving factor is definitely simplicity. The only true (and released) universal Cloud Print solution that has existed until now is Google Print and for a good reason: printer vendors included in their printer communication layer the piece of code for printers to detect and pull print jobs from Google Print in the Cloud. The architecture: some printers, the Cloud, no firewall to open, no gateway/server/PC involved, simple and efficient.

Most Print Management solutions that run today are on-premise server-based solutions that extend their reach to the Cloud by interfacing with some Cloud API. That’s not a Cloud solution, because they lack the code in the printer to communicate with the Cloud and display print release menus, they still need a gateway on premise, often creatively rebranded so that clients won’t notice too quickly their mandatory presence. And that local infrastructure carries a significant TCO.

Then most Print Management application run either on premise or in a VM hosted on the Cloud. Because OS maintenance and software updates needs to happen regularly, it remains to be seen how that translates to service availability when there are hundreds of clients. The TCO and IT security risk are also to be carefully assessed as to be scalable, resilient and up to date in term of vulnerabilities is far from being an easy task for a Cloud service based on VMs.

Because there are very few technical standards in the Print industry, it has always been a babel tower even within some brands, no standard operating system, no universal driver working on more than one brand without losing capabilities, different paper tray numbering etc. Several printer vendors propose their own flavor of Cloud-based Print management, such as HP, Canon, Lexmark and Xerox, most are very decent solution proposed at attractive price. Now not clients are OK to be locked forever on one printer brand, since those vendor Cloud solutions only work on their own printers. The ability to mix brands or switch between brands can be a must-have for some clients and a new tender for printers should not result in any change on the print management solution side, with all PC to update, users to train again and a painful progressive transition. Choosing a vendor-agnostic solution is then key for many clients.

Mission-critical service

A printer is a mission-critical device, users expect to get instantly the full document or be able to make a copy or a scan, whatever happens. When a solution is Cloud-based there is a new risk related to the Cloud responsiveness, the speed of the solution in an environment you don’t control and the availability/performance of the Internet access. Murphy’s law will obviously ensure worst problems may combine and at the worst time for you, when the IT team dream is to not have to process printers-related tickets as an urgency.

When a printer or MFP includes a complete print management solution, it will cover at least the user authentication with PIN or card, rights management, pull printing and usage tracking. The only way for those features to work fast with High Availability, not requiring any Cloud connection whenever possible (i.e. to make a photocopy or send a fax), is for them to be running inside the printer, not requiring any server and leveraging on local caches to optimize the Cloud experience.

That’s called Edge Computing or Zero Server, the intelligence is as close as possible to the end-user, and it is the key for an efficient Cloud strategy. If a solution requires a local server or gateway to support local printers it is definitely not a Cloud solution, it is merely an on-premise solution with a hook to the Cloud and that adds one more risk to the overall High Availability. Very few Print Management solutions fit the Zero Server model, most are from printer vendors proposing brand-specific solutions.

How to check a solution is truly High Availability and Cloud-based?
It is very simple and 2 tests provide the answer:

  • Can the solution be used just by plugging printers on the internet-connected network, without having to open any port on firewalls or install any live application software/gateway on any PC or VM?
  • Can users still authenticate on printer to make photocopies, send analog faxes, with access rights and usage tracking when the Cloud infrastructure is unreachable?

If both answers are yes then the TCO for print and print management cost will go down drastically and productivity increases. This explains why High Availability and Zero Server are a must-have from now on for Print Management.

The revolution in 2021

Is anything changing in the slow-motion office printing industry? Yes, it is a revolution more than an evolution and it is not coming from a printer vendor but from a Cloud giant, Microsoft. Interestingly, Microsoft starts the Microsoft Universal Print service at the exact same time Google drops Google Print.

It is difficult to compare both services, they are so different they could even have been complementary. Where Google Print was the bicycle of Cloud Printing usable by anybody in a few minutes, Microsoft Universal Print is fully comprehensive, ambitious print infrastructure targeting the companies using Microsoft 365 Cloud service and software developers. The Microsoft Cloud service manages the overall security, the communication protocol between printers and the Cloud, the spooling, the availability of the print queues inside Windows 10 and, the most impressive, the access to the native printers capabilities such as duplex, paper tray, stapling, punching, toner saving etc.

With Microsoft Universal Print all printers can be created and managed in the Cloud, each of them receives its own certificate from Microsoft. No more service account, each printer can be revoked as needed, that’s secure. Print flows are adapted automatically for the target printer, therefore the “Universal” in the product name, an impressive feature that perfectly addresses the Babel tower issue.

If Microsoft Universal Print includes all those capabilities, is there still a need for any print management solution? Yes and no. No if the basic “click & print” capability is enough and the only goal is to remove print servers. Yes as advanced capabilities of Microsoft Universal Print such as pull print are only available through APIs, they are not a product directly usable by clients. A complementary print management solution is necessary to benefit from them unless they want to develop and maintain their own print management solution.

Print management software companies will then have four possibilities:

  • Ignore Microsoft Universal Print and remain in their core (niche) market, fully on-premise.
  • Stick with their on-premise and server-based application software but add a hook to Microsoft Universal Print to get the print jobs list and inject the printers list. When some like to call it Hybrid Cloud, some other call that a kludge. Workarounds don’t last very long and carry a confusing architecture that is often the source of technical difficulties.
  • Move their on-premise application software in a Windows/Linux VM in Azure, add a hook to Microsoft Universal Print and present it as a full Cloud solution. Scalability, updates and security will be serious topics to monitor.
  • Build a new print management solution around Microsoft Universal Print, not in a VM but running within Azure, and deploy the full power of Microsoft Universal Print without overlapping its native features. As of today, very few companies have chosen that strategy as it requires to develop Microsoft Universal Print client running inside the printers. But that’s really the only viable long-term solution for clients and for software companies.

Microsoft will hopefully release soon its Universal Print offer as the announcement and beta versions date from late 2019. When this happens, Microsoft 365 clients will be able to migrate their print management to the Cloud, benefit from out-of-the-box basic “click & print” capabilities and complement it with innovative third party print management solutions.

For clients and integrators, the due diligence to perform will be to differentiate Smoke from Cloud, kludges from extensions to Microsoft Universal Print, marketing hype from sound architecture. Moving to the Cloud is a journey, a long-term strategy, and the choice of the right tools with a smooth technical ecosystem is key.

It will remain to be seen if Microsoft will be challenged by other Cloud players, as of now there is no real replacement announced by Google, but it will be interesting to see how printer vendors react now that Microsoft is challenging some of them with a very attractive value proposition, brand agnostic, very affordable offer that competes directly with most proprietary Cloud print solutions. That first clash of the titans since decades in that quiet office printing industry has been triggered by an outsider capable of reshuffling the print management solutions quadrant.

Jean-Francois d’Estalenx
Celiveo