Change region/market

Heidelberg Cloud.

The Heidelberg Cloud is our central service platform for remote maintenance and other remote services. In operation worldwide since 2004, it enables you to connect your Heidelberg equipment and software products over a secure and flexible cloud service to the Heidelberg Service center.

With the Heidelberg Cloud, we provide you with fast, efficient and comprehensive support for machine operations, productivity improvement, and of course troubleshooting.

We are constantly improving our technology platform to be able to offer you state of the arts services in the future too. To this end, we need to analyze the available data and use the information gathered to design new services. It goes without saying that we do this in a way that does not present any risk for you. As our customer, you can be confident that all precautions have been taken to ensure your security during connection, active remote access to your machinery, data transfer, and data storage.

One technology – a world of applications.

Our cloud-based services.

Here is a selection of our most popular cloud-based services:

Remote Diagnosis

Remote Diagnosis – in other words interactive remote access to your machines – lets our experts repair faults quickly and efficiently and assist you with operation, worldwide at any time.

eCall

eCall provides you with direct access to our Heidelberg Service. The machine automatically alerts the operator if a fault occurs. The operator can immediately request help at the push of a button, and all the relevant data and information required to diagnose the fault is sent with the message. Incoming messages are dealt with as a matter of priority. You receive a callback from a competent technician within the shortest time possible

Prinect Netprofiler

Prinect Netprofiler is used for colorimetric calibration of Prinect color measurement systems. You do this yourself on site. The data recorded is sent to the Heidelberg server via Remote Service. You then receive an e-mail with a report of all the reference values as well as a certificate confirming verification of the measuring equipment in accordance with ISO 9000.

Predictive Monitoring

Predictive Monitoring monitors the intelligent sensors in the machines using a Big Data analysis platform. In the process, technical data is transferred, analyzed, and evaluated. Any time a parameter moves outside of a defined standard range, the service expert is notified by the system. He or she then creates a to-do list containing possible service measures such as maintenance, cleaning, adjustment, or replacement. Depending on their priority, these measures will either trigger an immediate service call or be incorporated into the next scheduled maintenance. Monitoring reduces unplanned service calls to a minimum and ensures maximum machine availability.

Performance Benchmarking

The web-based Performance Benchmarking solution anonymously compares the productivity of your Speedmaster presses with the productivity of presses in other customers’ businesses. This involves recording the printing performance of the connected machines online, centrally evaluating it, and making it available in an Internet portal.

Mehr

Performance Consulting

With our Performance Consulting services, we analyze and improve not only the performance of your machine, but also other factors that influence the economic success of your print shop. This involves examining processes, machine operations, and the productivity of the entire production workflow. The project starts with a two-stage analysis of the current situation: first, machine operating and production data is transferred via the Heidelberg Cloud and used to calculate the overall equipment effectiveness (OEE). Based on this evaluation as well as on-site consulting methods like value stream mapping, we define improvement measures and implement them together with you. The success of these measures is gauged through continuous data analysis over a defined period of time, with improvements in performance of up to 40 percent possible.

Your gateway to the Heidelberg Cloud services:

The Heidelberg Assistant.

Heidelberg Assistant is the digital interface for our customers to real-time data as well as comprehensive analyses from the Heidelberg Cloud. Heidelberg Assistant is a web application protected with technical and organizational security measures at the highest level (e. g. Web Application Firewall, DMZ, virus check of attachments in a sandbox). Access to the Heidelberg Assistant is controlled over a finegrained user rights and roles concept with individual login and password protection (Heidelberg ID). The master administrator is defined and managed on customers’ side. All security measures are checked regularly with internal and external penetration tests and brought up to date with the latest technology.

Our web-based services meet the strictest requirements for security and are regularly updated in line with the latest standards.

Our IT security for you.

Cloud-based Services with comprehensive and certified IT security for our customers

The Heidelberg production systems (machinery and software) are connected to the Heidelberg Cloud via a secure, web-based communication channel. We use this channel to access the customer system directly or to send relevant data for the various applications. Almost all print shops have their own web sites, receive job data via the Internet, or offer their customers a web-to-print service. These Internet connections are normally protected by means of central access control on the customer side. The Heidelberg Cloud does not affect this protection in any way. The Heidelberg Cloud offers an extremely high level of security with the following measures:

Certification to ISO/IEC27001 and TRUSTe Privacy
Proactive internal security vulnerability scanning as well as externally verified penetration tests

All contact is initiated by the machine

The machinery and Prinect servers come preinstalled with a so-called service agent for the Heidelberg Remote Services. This software is designed to prevent contact being established with the machine from the outside. All connections to the preset Heidelberg Service center are initiated by the machine.

Internet standard protocols and HTTPS encryption–listening in is pointless

The Heidelberg Cloud is strictly based on Internet standards that use encrypted communication. This accomplishes two goals:

The machines do not need a fixed or public address, instead any local address available in the internal network can be used. Application-specific gateways–so-called proxies–can be used in accordance with the customer’s IT infrastructure for external communication. These gateways record the communication to be sent via the Internet and act as a kind of relay station to forward it.
The communication is encrypted to ensure that the contents of the data transmission cannot be read by third parties. This maintains the confidentiality of all data exchanged between the customer and Heidelberg.

The Heidelberg Service center as the only point of contact in the network

The Internet addresses of the Heidelberg Cloud are already stored in the machines on delivery. Both communication partners are uniquely identified when contact is established. The machine contains a globally unique ID and a password that are already preinstalled on delivery. The Heidelberg Cloud is equipped with digital certificates that verify that the addresses are actually those of the Heidelberg Service center and not a third party purporting to act on its behalf.

The customer has complete control at all times

Machines and Prinect servers connected to the Heidelberg Cloud only establish contact with the Heidelberg Cloud if the customer wants and expressly permits this. There are various forms of contact, depending on the service product purchased as part of a service agreement:

Permission for interactive remote access by the Heidelberg Service team (desktop sharing) and sending diagnostic data for Remote Diagnosis service products
Transmission of the alert notification containing the diagnostic data and request for support from the Heidelberg Service team with eCall
Targeted transfer of technical data for analysis and early identification of faults with Predictive Monitoring
Targeted transfer of production data for analyzing performance with Performance Plus, Performance Benchmarking, or similar consulting projects
Transmission of software installations and software versions for determining the correct update packages for Remote Software Distribution
Transmission of calibration data for color measurement systems with Prinect Netprofiler

This concept allows customers to decide in detail what level of communication they want. All of these functions can be enabled or disabled at any time. If none of these functions are enabled, the Heidelberg Cloud communication software remains disabled completely.

Double logging - on the press and in the Heidelberg Cloud

With the Heidelberg Cloud, all transactions (e.g. file transfers) are logged both on the machine and in the cloud: this makes it possible for customers to prove at all times what exactly happened in the system. By comparison, other conventional systems only use a central logging and require customers to prove themselves all transactions in the event of damage.

No background access–interactive access with once-off permission only

In addition to approving individual Remote Services, individual confirmation is required for each and every remote access operation. The “Remote Service button” (telephone handset symbol) must be pressed to enable an authorized Heidelberg SystemService technician to directly access the user interface for a limited period in order to analyze faults interactively with the user on site or provide assistance. This active status is shown on the screen, ensuring that the operator has full transparency at all times. The operator can also precisely track the menu steps being performed by the technician, and the screen views visible to the technician. The customer can, of course, terminate this remote access at any time.

A face you know

Access to the Heidelberg Cloud via a portal is reserved for Heidelberg staff with Remote Service authorization. In accessing the platform, they follow a defined and secure authentication procedure based on modern standards. This ensures reliable identification of the Heidelberg SystemService technician, since the concept only permits personal user accounts. There are no anonymous users within a Remote Service connection and no group accounts. Our SystemService technicians personally vouch for the service provided, as with Remote Services. The technician’s name is therefore shown on the display during all interactive remote access operations. We generally also send a photo of the technician, since a personal relationship is also important to us with Remote Services.

Data privacy and training

Before a technician gains access to the Heidelberg Cloud, he or she receives instruction on matters related to IT security and data privacy and signs an undertaking. In particular, this undertaking confirms that all data to which the technician has access by virtue of its user account in the service center will be handled in confidence. Information will only be collected by SystemService technicians for the purpose of providing services or improving products. In addition, the data will only be used by the local SSU or Heidelberg Druckmaschinen AG for improving quality management and continued refinement of machinery and service products as well as for innovations and the purpose of customer relation management. This staff will also receive appropriate instruction in matters related to IT security and data privacy and sign the undertaking.

Roles and rights concept by regions and machine types

Access to information in connection with the personal account for authorized technicians is limited to the bare minimum. Machinery connected to the Heidelberg Cloud is only visible in the portal for technicians with responsibility for the respective region where the machine is installed, with access permission, and with training in the respective product line.

Standardized, secure service workstations

All Heidelberg SystemService technicians use standardized service PCs with the latest virus protection and modern security features installed by the central IT departments. This ensures that all systems involved in the Heidelberg Remote Service, from the machine to the service PC, feature effective protection.

IT security-a constant challenge

IT security is constantly evolving and facing new challenges, whether as a result of new threats or ever changing technological capabilities. To address this, Heidelberger Druckmaschinen AG set up an IT Security Council–Remote Services in which IT security specialists together with data protection officers and product managers track current developments with the aim of continuously optimizing the security measures for our products.

PTC Machine Cloud

PTC is the market leader in Internet of Things technology. Heidelberg is currently using the European PTC Machine Cloud located in the data center in Frankfurt/Main in Germany. The Cloud data center is certified to ISO27001 and TRUSTe Privacy and is subject to the strict data protection guidelines of the EU due to its location. This offers Heidelberg and its customers a very high level of security.