In the second part of our 3-part blog series, we explore how application and role modularity can be used to improve and reinforce security and privacy within the context of live enterprise webcast productions. Taking a step back, for even the most audience-inclusive productions (e.g. public marketing events), there are still elements of the production that will be “need to know”, proprietary, and carefully protected. Not surprisingly, the number of sensitive elements increases as the content becomes internally facing, more proprietary, and intended for much more carefully restricted audiences (e.g. C-level executives and board members).
The following are a few examples of how application modularity – or the ability to segment information, access rights, and delegate roles and responsibilities – can help support an organization’s security and privacy objectives:
- Controlling Advanced Access To Proprietary Information: As discussed in Part 1, preparation is a critical part of pulling off a successful webcast; however, comprehensive prep is often impeded by a reluctance to share highly proprietary information until the absolute last second (e.g. public company financial slides). One way of combating this is by segmenting and assigning very specific pre-production responsibilities. This way, perhaps only one person will have access to the slides within the backstage environment prior to going live. At the same time, the entire team can be enlisted to help prepare other event elements within the application backstage – perhaps testing encoders or reviewing survey questions – while being safely cordoned off from the proprietary content. If designed correctly, the application should enable these carve-outs to be applied to virtually any aspect of the pre-production responsibilities.
- Live Event Analytics: The value and proprietary nature of information is often perceived differently across an organization. For this reason, it can be very important to be able to carefully curate who has access to what information. For example, the IT/Network team may consider highly detailed, real-time, quality of service metrics highly proprietary while also being comfortable sharing a rolled-up report on network performance. Similarly, marketing may want access to information such as attendee names, email, phone #, but also want to protect that information very carefully from being shared outside of highly regulated specific uses. Similarly, when there are multiple events rolled into a larger event (e.g. “virtual conference”) or multiple presenters in a single event, the data generated by each event or participant could be considered proprietary and need to be modularly and precisely carved out for the intended recipient. With the right application design, it should be easy to define reports and carefully prescribe who has access to what analytics.
- Privacy Level Assignments: With the right design architecture, it is possible to assign an event a specific privacy level and then have that designation cascade through the entire pre-production, authentication and production process. For instance, an administrator could designate a specific Domain Access list, selecting from SSO Registration, email-only registration, client-token (single-use), or no security/registration at all. This designation would not only control the security/authentication elements of the webcast, but it could also trigger how other modular components, such as what audience information is tracked and who is it shared with, are defined.
These are just a few examples of how application design and, specifically, modular workflows and role definitions can be used to enhance security and privacy in efficient and reliable ways.