Corporate video is one of the best ways to communicate with large, dispersed teams. It enables people to stay coordinated and well-informed about the goings-on within the company. It’s especially important for big announcements, times of change, or on-boarding new team members.
The main sticking point for using video for internal communications, and one we hear about all the time at SproutVideo, is that online video is perceived as being extremely public – that once you post a video online, anyone could search for it, watch it, or share it.
That perception needs to change. To help with that, we are going to cover the five steps you need to take to ensure only designated people can view your videos. We’ll also cover how to track viewer interactions with your videos very closely to boot.
1. Determine the Level of Security You Require
Your corporate video privacy requirements are going to be unique since no two use-cases are exactly alike. It’s important to think through how you’d like to be able to share your videos before getting started. Answering these key questions will help:
- How sensitive is this content? What would be the impact to your business if these videos leaked?
- Do you already have a website where you can embed these videos, or do you need a secure portal for your videos as well?
- Should viewers be able to access your videos seamlessly? Or, is it ok if they have to enter credentials to login?
- Do viewers need to access your videos on the go, or just in certain locations, like the office?
- Can anyone at your company watch these videos, or just specific teams or locations?
The answers to these questions will largely determine the features you need to look for when shopping for a video hosting provider for your business.
2. Choose Your Video Hosting Platform Wisely
Be sure to choose your video hosting provider with care, as online video is not one-size fits all. For instance, popular free and premium options, such as Youtube and Vimeo, are designed for social sharing of content – the exact opposite of what you’d want for your private corporate videos.
When shopping for services, look for a video hosting provider that focuses on business video, and allows you greater control over your content.
Bandwidth is less likely to be a concern than it is for publicly available videos. Since you have a clearly defined audience, the number of views your videos might get in a given month will be fairly predictable.
Look for advanced security features instead. For instance, restricting the domains on which your videos can play, IP address restriction, or single-sign-on (more on that in the next section).
3. Restrict Access
The best defense is a good offense, so they say. This is especially true for online video. The easiest way to help make sure your videos are only shared securely with the people you designate is to restrict access to the webpage on which they are located in the first place.
This is actually very straightforward in most use-cases. Usually, restricting access means requiring a password or login credentials to be submitted before loading the page, or the video, and ensuring your video can only be accessed on that specific webpage (more on that below).
How to Restrict Video Access
The main differences in your approach depend on whether your corporate videos are embedded on a website you own, such as an intranet or Sharepoint site, or if you are using the landing pages or video website provided by your video hosting service.
If it’s the former, you’ll want to control access to the page by managing your employees’ access credentials or profiles for your company’s intranet, VPN, or similar content sharing portal. You’ll also want to ensure only relevant teams have been granted access to the pages containing your videos, if possible. By controlling video access through their credentials or profiles, and not through the player, you’ll ensure a seamless viewer experience while also keeping your content secure.
If it’s the latter, with SproutVideo for example, you can restrict access to the page on which your video is located using password protection, login protection, IP address restriction, or single-sign-on. These options increase in complexity from the simplest way to control video access, to needing some technical expertise to implement.
With added complexity, you get added security. A password can be easily shared along with a link to a video, whereas corporate credentials for single-sign-on are unlikely to be shared. Those credentials might be coupled with additional privacy measures, such as double-factor authentication.
That’s not to say password protection is a poor choice. The best option depends entirely on your requirements for sharing your corporate video.
4. Safeguarding Embed Codes
Allowed domains or signed embed codes are two popular ways to ensure your videos can only be accessed on websites you own. Unless preventative measures are in place, it is relatively trivial to locate an embed code on a webpage, and copy and paste it to another site.
On the SproutVideo platform, domain restriction works by automatically checking whether the URL where your embed code is located is approved. If it isn’t, the video simply won’t load. An added advantage is that if the URL where your video is located is shared on social media, the video won’t be accessible on that platform.
Signing the embed code is slightly more technically advanced, but essentially achieves the same result. Signed embed codes require a unique signing key to load the video on the page. If the signing key is absent or incorrect, the video won’t load.
The major difference is that signed embed codes can be used in more complex scenarios than allowed domains. For instance, you can choose to generate the signing key under very specific circumstances.
5. Track Viewer Activity
Now that you have protected your videos against unwanted access and sharing, you’ll want to audit your viewer records. This will enable you to make sure your video privacy controls are working as expected.
This type of reporting has the added benefit of indicating the level of viewer engagement your videos are driving. Video engagement metrics are useful for evaluating the efficacy of your video communications. For our purposes today, we just want to consider what they can tell you about who is accessing your videos.
First and foremost, ensure you are tagging viewers with their email addresses to make it easy to identify them. You can tag viewers in several ways, whether you are embedding your videos or using SproutVideo’s video websites.
Then, periodically review who has been accessing your videos to check for any anomalies. If you’ve followed the four preceding best practices, there shouldn’t be any, but it never hurts to check.
Look for any unusual email addresses, locations, IP addresses, or viewing patterns. If anything sticks out, you can always revoke viewer access temporarily. Simply change the video’s password or privacy settings, or remove it from the page on which it is located entirely.
Questions about securely sharing your corporate videos? Let us know in the comments below, we’d be happy to help!