Hey folks,
I'm designing the setup for printer and scanner access in a small office of about 15 people, where we've got some regulated data to consider. A lot of people suggest using the 'scan to email' feature, but that's not an option for my client. I'm planning to buy a small Synology to create an SMB scanner share, where each person would have an individual folder that only they can access.
I'm also looking at purchasing an HP LaserJet Enterprise MFP M480f printer along with a HIP2 card reader. The idea is to use the card reader to automatically direct scanned documents to the right user folder when they scan their ID card—apparently, you can use a "%username%" variable for this.
Additionally, I'm considering implementing a nightly script to clear out the folders to ensure no sensitive data lingers. I'm also thinking of the usual VLAN and firewall isolation for security.
This setup feels pretty elegant, as it would just require users to register their card and start scanning, but I'd like to hear from anyone who has experience with this type of configuration or if there's a better way to handle it. Keep in mind, there's no Active Directory involved since this client is fully in the cloud and they have a mix of Windows and Mac users, which complicates things a bit.
5 Answers
If you're going this route, maybe look into Lexmark printers and their cloud printing features. It could streamline the whole process for you!
It might actually be easier to get everyone their own desk scanner. The costs aren't far off from what you're planning, and it could save you a lot of hassle in the long run.
Honestly, it's a bit crazy that scan-to-email isn't an option. Have you considered having users just plug in a USB stick to retrieve their scans? That might simplify things a lot!
Your idea isn't unreasonable, but you have a lot of components to manage for just 15 users. The whole card-to-%username% connection works theoretically, but without Active Directory or LDAP, you'll need to keep the printer's user database in sync, which can be tricky. I've found scan-to-SMB setups on HP can act up over time, especially with firmware updates and permission issues. You might want to consider a simpler approach: either scan to a single secured share and control access on the NAS, or use a secure cloud document system that manages data retention instead of trying to keep everything off endpoints. Just be cautious with those MFP identity features unless you have a solid identity backend in place—they can be shaky in mixed OS environments.
Feels like you're over-engineering this a bit. Sometimes simpler setups work best!
I can see your point! Sure, there are some technical folks who could help with the database sync, but it does make the setup more complex. I'm leaning toward trying it out anyway since AD would just be overkill for this client with their current setup. I find office printing challenges pretty new since I've mostly worked with remote companies; it's a whole different ballgame!