How secure is your online video?‏

If video is a big part of your business, the risks can be great when self-hosting your media. Providing access to your media can be difficult enough in terms of the technology required to store and deliver your video via a searchable website. But more critically, how can you make sure that only your intended audience can access your media?

While third party open hosting sites like YouTube provide wide open access for your public facing promos, there may come a time when you need more control over who can access your content and what they can do with it.

Ensuring that your content can only be accessed by registered users is paramount for any B2B media business, archive or company with sensitive or commercially valuable video.

An Enterprise Video Platform will enable you to host your content via a discrete, customisable cloud based service. Built-in security features mean you don’t have to worry about your videos, images and audio files being lost or seen by unauthorised visitors to your website.

Managing access efficiently

While your content can be made public and easily accessible, you may wish to restrict access to specific areas of your archive. Controlling access to your media usually requires a registration step for prospective users. This process can be automated and can be configured to include an email validation step to ensure that a real person is accessing your archive.

Alternatively, when higher levels of security are required, a manual check on the person submitting the registration form may be necessary before access is granted. In this case it's important to capture sufficient information during the registration process so that judgement can be made.

Once an individual is registered, users can be organised into a series of groups which will determine access levels for specific files and information. The permissions associated with the group will also affect a user’s ability to download high resolution originals, edit files, share and make comments.

Federated access – third party authentication system

While most individuals are content with setting up their own usernames and passwords to access online services, an organisation may wish to set up and control access for staff from a central location. A federated access model enables users to sign in to multiple web-sites, services or software services with a single set of credentials which have been issued by a central authority. Single Sign-on is particularly prevalent across higher education and academic institutions where users can access a wide range of online resources during their University Career. When they leave, revoking their access is a simple job for the administrator who only needs to remove one account.

Only having to recall a Single Sign-on offers advantages such as reducing user frustration; users aren’t required to remember many different combinations of username and password, saving time over multiple logins, and reducing IT costs of managing password problems at the helpdesk.

HTTPS and Media Asset Management

HTTPS, or Hypertext Transfer Protocol Secure, is an encryption protocol commonly used by online banks and e-commerce websites. HTTPS encrypts the data being transferred and establishes a secure channel over a non-secure network – normally between browsers and web servers. This ensures that data is protected from hackers who could intercept and access information while in transit.

Enterprise Video Platforms commonly use HTTPS to ensure that files being uploaded for ingest – either through a web browser or via an API, are transferred securely. Similarly, files can also be set up to download over HTTPS for secure delivery to the end user.

Web interfaces which provide end-users with access to content online should also pass log in data securely between servers and the client browser. This protocol ensures that credentials cannot be intercepted and used to steal content. This will protect your media but will also protect your users’ private information when registering to use the site.

Watermarked videos

The ability to add watermarks to your media adds another layer of protection to your digital media assets. By applying your logo onto your media, users downloading and sharing your public videos will not only advertise your brand, but it will also help protect your content against piracy. The option to add a pre-roll message to your content also means it is possible to display a message before a video begins playing, such as a rights notice, to caution viewers against misusing your digital assets.

Metadata (such as the title or unique ID) can also be burned into your video or image to ensure that it can be easily identified at a later date if it becomes orphaned.

HLS streaming vs Progressive Downloads

HTTP Live Streaming (also known as HLS) is an HTTP-based video streaming protocol that works by breaking down an overall file into a sequence of small HTTP-based files.

An accompanying index file is included, containing the information for playback of the segments as one continuous stream. Since its requests use only standard HTTP transactions, HTTP Live Streaming can traverse any firewall or proxy server that lets through standard HTTP traffic. It can also be played on all mobile devices, including those running iOS, unlike formats requiring a streaming server.

The advantage of HLS streaming over progressive download methods, which download a single file to the user’s web browser, is that it makes the process of capturing a single file virtually impossible. HLS delivery therefore greatly reduces the risk of file theft and piracy.

In conclusion

Hosting video with conditional access requires a range of security mechanisms designed to protect your media and protect your users' private data. It's important that the mechanisms are as transparent as possible to ensure a positive and enjoyable user experience where content is accessed as freely as possible. Enterprise Video Platforms such as Imagen provide content owners with all these features, plus the greatest peace of mind that their content is safe.

Ian Mottashed is marketing director at Cambridge Imaging Systems

You might also like...

The Sponsors Perspective: Working In The Cloud – Productivity Is Always The Key

We’ve encountered media companies along all aspects of migrating their workflows to the cloud. Some with large on-premises media processing capabilities are just beginning to design their path, while others have transformed some of their workflows to be cloud-native, a…

IP Security For Broadcasters: Part 9 - NMOS Security

NMOS has succeeded in providing interoperability between media devices on IP infrastructures, and there are provisions within the specifications to help maintain system security.

Essential Guide: Productive Cloud Workflows

It’s quite incredible to think that real time broadcast signal workflows are now actively encouraging software processing. It wasn’t so long ago that video images had to be processed in hardware to meet the tight timing constraints that liv…

As Demand For Content Increases, So Too Has The Need For MAM

While the amount of content generated by broadcasters and program providers continues to increase exponentially, the need to manage those assets and support collaborative production as well as a myriad of distribution platforms has never been greater. The pressure is…

IP Security For Broadcasters: Part 8 - RADIUS Network Access

Maintaining controlled access is critical for any secure network, especially when working with high-value media in broadcast environments.