 |
 |
 |
|
03.10.10 Protecting Your Enterprise Asset Security  By
Ken Molay Readers, I would like your help addressing a question from one of my clients. Please add comments with your thoughts. Consider a scenario where you offer training via online recorded content. Your revenue stream is based on people purchasing the right to watch and listen to your recordings. You would like legitimate customers to be able to watch when they please, stop and resume later, and come back to a recording to watch it again. You don't want one person to be able to buy access and then send the viewing link to everyone they know. Is there any practical way to allow viewing convenience for customers while protecting your content from wider availability? I can think of a few ways to implement security, but they all have downsides: • Only allow immediate viewing at time of purchase. There is no provision for coming back and continuing or reviewing content you have already seen. This is absolutely secure, but violates the basic premise we set up. • Only allow access from the IP address used on the initial purchase or content view. This would stop people from spreading a viewing link, but it seems impractical in an age when people use multiple devices in multiple locations, often with dynamic addressing. The person should have access… Not the computer. • Offer each customer an individual access link that has a maximum number of uses, after which it gets shut down. This would limit the number of times it could be successfully forwarded, but also restricts potential fair use by a legitimate purchaser. I don't know of any web recording technology that has implemented this option, do you? • Generate an individual password for each customer's access with an automatic expiration period. This is essentially the same idea as the preceding example. Bad guys could forward the access information, but only for a limited time. It couldn't expose your content to everyone forever. Has any company implemented this strategy? • Use voiceprint identification for access. The customer has to call a phone number or use a computer microphone to establish identity every time he or she wants to view the content. It's technically possible, although I would think that customer support would be busy dealing with people who don't get recognized because of bad phone connections or other issues. And it isn't very convenient for the customer. Probably expensive to implement as well. As recorded webinars become more prevalent for delivering fee-based content, this issue is going to vex more small businesses who can't afford much in the way of intellectual property theft. When you depend on each viewing for your business income, every shared access is money out of your pocket. What's your solution? Comments About the Author: With a background in software development and marketing, Ken has been producing and delivering business webinars since 1999. His background in public speaking, radio, stage acting, and training has given him a unique perspective on what it takes to create a compelling and effective presentation. Currently Ken offers consulting services through his company Webinar Success (www.wsuccess.com). |
|
| ||||
-- EnterpriseSecurityNews is an iEntry, Inc. publication -- iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509 2010 iEntry, Inc. All Rights Reserved Privacy Policy Legal archives | advertising info | news headlines | free newsletters | comments/feedback | submit article |
