Skip to main content
Skip table of contents

Infrastructure Security

MyQ X provides robust infrastructure security that protects the entire print management environment from evolving cyber threats. The platform incorporates multiple layers of defense to safeguard servers, databases, network communication, and software integrity, ensuring operational reliability and data confidentiality.

Print Server Security Hardening

MyQ X print servers are hardened using best practice security configurations defined in the config.ini settings, including:​

  • Restriction of services and processes to limit attack surface.

  • Enabling secure communication protocols and disabling legacy insecure options.

  • Strict user privilege assignment, avoiding administrator privileges where unnecessary.

  • Regular automatic updates and security patching to address newly discovered vulnerabilities.

  • Configuration of firewall rules and port restrictions to block unauthorized network traffic.

These measures reduce the risk of exploitation and maintain system availability even under attack conditions.

Database Encryption (Firebird 4.0 Implementation)

MyQ X uses the Firebird 4.0 database engine, which provides advanced encryption capabilities to protect sensitive data at rest and during backup operations. Key encryption features include:​

  • AES-256 encryption of database files to prevent unauthorized data access.

  • Encrypted storage of passwords and keys within the database system.

  • Obfuscation of sensitive database content in logs and diagnostics.

This ensures compliance with data protection regulations and prevents compromise of print job accounting and user information.

TLS 1.2/1.3 Enforcement and Certificate Management

To protect data in transit, MyQ X enforces a minimum TLS 1.2 protocol by default, with optional upgrade to TLS 1.3 for enhanced security and performance. The platform supports flexible certificate management modes:​

  • Automatic generation of a private root Certificate Authority (CA) that signs server and client certificates.

  • Integration of organization-managed intermediate CAs, allowing corporate trust chains and centralized certificate control.

  • Support for manual certificate installation, including third-party/public CA certificates.

Certificates and private keys are securely stored with encrypted protection, and clients receive trusted certificates via Group Policy or Mobile Device Management.​

Network Communication Security

MyQ X secures all network communication channels by:

  • Blocking all unencrypted HTTP traffic, enforcing HTTPS only.

  • Encrypting SMTP, LDAP, and RADIUS traffic using TLS to protect authentication and mail flow.

  • Disabling deprecated and vulnerable protocols such as POP3 and STARTTLS replacements.

  • Employing SNMPv3 with strong authentication and cryptographic algorithms to securely monitor and manage devices​.

These controls prevent eavesdropping, spoofing, and man-in-the-middle attacks across the network.

Firewall Configuration and Port Management

MyQ X reduces attack surfaces by:

  • Disabling firewall rules for unused network ports and protocols.

  • Allowing granular control of which ports are exposed based on organizational network policies​.

This limits ingress points to only those essential for print services, enhancing perimeter defenses.

API Security and Authentication Tokens

APIs enforce multiple layers of security:

  • OAuth 2.0 Authorization Code Grant framework secures API access through short-lived bearer tokens and scope restrictions​.

  • Tokens are validated against client IP addresses and require secure client credentials.

  • Periodic secret rotations protect against credential leaks.

This guards API endpoints against unauthorized requests and abuse.

Process Isolation and Sandboxing

MyQ X print management applications run with process isolation to prevent compromised components from affecting the entire system. Virtual machine or containerized sandboxing is employed where feasible to contain security breaches and limit lateral movement within the environment.​

Code Signing and Integrity Verification

All MyQ software binaries and installers are code signed to guarantee authenticity and integrity. This ensures that customers install verified software versions free from tampering or unauthorized modification.​

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close