February 24, 2017
How To Set Yourself Up for Digital Asset Management Success: Security & Authentication
Security: always a hot button. What is the best way to set-up & share assets within a digital asset management solution?
When I started working in tech in the mid-80s, security consisted of the occasional use of a Social Security Number or a 4-digit PIN for the ATM. Only industry insiders even knew what a “computer virus” was, and the term “hacker” hadn’t been invented yet. Those were simpler times. By the early 90s, internet traffic was expanding rapidly and the need for added security became increasingly vital. Today we live in the world of Single Sign On, LDAP, SAML, Hardtokens, Softokens, Webservices, RSA, AES, Blowfish, Twofish, SSL, and HTTPS Security and tech go hand-in-hand now.
With the increased threat of cyber-attacks, how do we secure and protect our digital assets? How do we share content without it being intercepted? Who’s been looking at our content and why? What should we release to the public versus keep private?
All of these questions can be answered by adopting some form of security scheme to your digital asset management solution. Most large organizations have protocols like Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) in place to address the scores of users and profiles who need access to your system.
Leveraging these security concepts with integration points such as SSL, SSO, and SAML can provide an excellent security platform to keep your information security staff happy. Most large organizations have staff “authenticate” into their platform and are provided a “suite” or “image” of productivity software to use to complete the day’s work. One logon, one password.
Digital Asset Management applications usually require some form of user account and profile to provide access to the content.
Accessing and leveraging in-house authentication like AD, LDAP, or Single Sign On allow for that same one time logon. Risk is managed through the authentication. Then the DAM administrator can concentrate on managing content and not passwords.
As crucial as authentication is, security is even more important. Staff and IT police should trust the content they put into the Digital Asset Management sytem. Likewise it should be protected by using protocols like HTTPS and other encryption methods.
In my previous enterprise business, we had to generate an SSH certificate for our DAM webpage to add that extra level of security.
How you implement your Digital Asset Management solution can be dependent on your required levels of authentication and security.
On-premise systems have the built-in luxury of security being local—sensitive data stays in your network and belongs to you and only you. Cloud systems can provide security as well but at a higher price for the organization. And if you use cloud storage, you’re placing your assets in someone else’s custody. With cloud services, you’re completely reliant on the vendor to be rock solid. And you’re trusting a third party to ensure that your precious assets will be there when you need them.
Protecting confidential information is critical to the livelihood of most businesses.
Allowing only authorized users to access assets is an effective way to control the distribution of sensitive files. For example, a marketing group may be rolling out a new campaign to undercut the competition. The files must be kept under wraps, but all the partners need the most current images, copy, and web assets. The marketing group can utilize the asset manager to serve password-protected catalogs that provide access to all the key players.
Having authentication and security working together to allow the right access and control of your assets makes them that much more valuable to the organization.
To learn more, download the Digital Asset Management Best Practices Guide today.
Or take a spin on the ROI Calculator and see what kind of results a DAM solution would have on your bottom line.