How to Ensure the Security of your Video Content

By September 11, 2018 MediaPlatform Blog

Whether it’s a product launch, a CEO town hall, or important corporate news, organizations are considerably reliant on video as the medium to convey their message.

This has given rise to challenges and questions pertaining to data protection and security. For example, should every employee have access to all content? How do you prevent illegal access? And how would you react if the wrong content was accessed by the wrong employee or for that matter organization/ outside individual?

If you are new to delivering corporate content via video, or if you’re simply considering moving to video in the very near future there are a few things you should consider before going any further:

Where is data hosted?

Video content that contains private and personal information must adhere to the highest data protection regulation as required by law. Here at Media Platform we use Amazon’s S3 storage service for primary file share and storage for content. Not only does Amazon’s S3 meet all regulatory security requirements it also delivers a highly scalable, reliable and fast storage solution.  To ensure scalability and reliability, S3 automatically manages data replication across multiple data centers. Amazon S3 supports server side encryption for data at rest. Amazon S3’s Server Side Encryption handles the encryption, decryption, and key management.

How secure is the access?

Assuming not every single employee will have access to every piece of video content, it’s important to clearly identify approved users. Also known as authentication, the best way to set this up is to automate it.  Many organizations rely on a classic password-based login supplemented by single-sign-on systems or multifactor authentication that combines several processes with one another. Tools such as SAML (Security Assertion Markup Language) will easily authenticate all users accessing secure content.

What rights do users have?

Just because an employee has access to view content, doesn’t mean you want them to have editing rights as well. For this reason, it is critical to be able to assign permissions in a granular way. Since assigning rights based on per user can be extremely exhausting to say the least (especially for large organizations), most companies organize this and automate it through Active Directory. This ensures users with the right role and group allocations to be automatically created, changed, or deleted in a role-based manner. This also means that a user’s permissions will follow them wherever they access that content–whether inside or outside the workplace.

Where are you deploying your platform?

Certain types of organizations (government, medical or financial, to name a few) face more stringent security requirements and as a result often require different hosting options than other businesses.  Therefore delivering those clients an on premise option was something we needed to deliver. But for those other organizations, with more flexible security requirements, they have the ability to choose whether they take advantage of Media Platform via our cloud or via their own.

SaaS or Hybrid SaaS?

We are often asked whether we offer SaaS and/or Hybrid SaaS models, and the answer is a resounding yes! Both are popular due to their ability to reduce load on the wide area network. Our Hybrid SaaS model carries all the benefits of our traditional SaaS solution because it allows organizations to leverage solutions for delivering video across internal networks and multiple network locations, as well as to mobile and external viewers.  

The Hybrid model however allows organizations to move their system in-house to deliver a more secure model when needed. When our customers choose a hybrid model, they benefit from a live streaming solution called Multicast Fusion, which combines IP Multicast, Peer Assist Multicast, and Unicast from Cloud based CDN’s into a powerful distribution architecture.

Finally, a cloud based CDN can be used to reach global remote viewers, and those accessing content through a mobile device. Therefore, secure live streams can be initiated from any location to viewers around the world.

Cloud deployment

At MediaPlatform  we offer various types of cloud deployment options, integration with single sign on protocols, secure and encrypted video streaming, and support for split tunnel VPN architecture.

In a single tenant system, users are provided with their instance of the software. Single tenant users benefit from configurability, and robust security. It’s a good solution for organizations that have strict security requirements, or require specific customization. Single tenant is useful for businesses that have to satisfy industry and government security regulations.

How compliant is it?

As mentioned before, certain industries have strict regulations they must adhere to. This means that some businesses are mandated to document things like when a video was published, who published it, and where is was published. Also if a video has been deleted, there must be an accessible archive.

Thankfully today’s enterprise video solutions carry an array of security features and settings, so you don’t ever have to worry about the security of your content. That said, you might still be tempted by the video platform that offers a basic solution with basic security. Keep in mind that the more basic the solution and basic the security the easier it is to leave yourself exposed.

Further, a platform that isn’t designed with the enterprise in mind may not allow you to restrict content as your business truly requires. One question you might want to ask your potential vendor is whether the security settings apply to the user regardless of how they are accessing content (I.e if they login via a mobile device instead of their in-office laptop will the security settings move with them). The bottom line is this: a dedicated enterprise video platform should provide complete security of both your content and network.

 

Simple Share Buttons