So you’re using a video streaming platform to manage all your enterprise videos that you use for communications, internally and externally. Naturally, this means that there is significant traffic on your video streaming platform. This traffic comprises a mixture of users within and beyond your organization.
What I’m trying to get at is there are too many people on the platform that can do a lot of things and make a lot of changes. You want to limit what functions people can perform on your platform. Of course, not everyone can have their way with a business asset. Therefore, you need Role-Based Access Control.
Role-based Access Control (RBAC) involves allotting user roles to all the users of your enterprise video platform and assigning permissions according to their roles, effectively limiting what actions they can perform. This means that you can protect your content from unauthorized tampering and maintain control over the goings on.
You Can Manage RBAC in VIDIZMO
VIDIZMO doesn’t play around with security. Along with other robust – and customizable – security policies and protocols, it comes packed with built-in Role-Based Access Control options, complete with predefined user roles and corresponding permissions. These roles are customizable though. The owner of the video streaming platform – be it an executive director or the IT in charge, depending on the dynamic of your organization – can change permissions, allow new permissions and even change the names of the roles.
Out of the box, VIDIZMO comes with 6 user roles: Anonymous, Viewers, Contributors, Moderators, Managers and Administrators, in that order of authority. Imagine them forming a pyramid, if you will. The higher you go on the pyramid, the more authority and access you have.
This user role is the bottom of the pyramid, specifically for users that are not registered in the video platform. In other words, Anonymous users are non-authenticated users - i.e, they don't have an account on the platform - that can only view public media and cannot make any changes.
Viewers are a step up from Anonymous. They may have an account on the platform or not, but they can do more than Anonymous users. They can view media that they have been granted access to and update their profile. Viewers can also view their Personal Viewing Reports.
The next block in the user roles pyramid is the Contributor. This user role has one added benefit over Viewers: they can add media to the platform. Hence, the title. Although Contributors can upload videos to the platform, they may require permission or moderation from higher user roles, depending on the dynamic of the platform. This neatly brings us to the next user role.
This user role marks the beginning of the top tier of user roles, the ones with the decision-making powers. Moderators are like support roles for Managers. They can perform all the functions that a contributor can but their added responsibility is that they have to moderate the media content and comments on the platform. This is the first role that monitors and moderates what goes on the platform.
By now, you’ve probably noticed how it goes. Managers, as the name suggests, manage the platform. They perform all the functions that Moderators do, which means that the media and comments they submit don’t need to be moderated. On top of that, they manage an entire portal on the platform, including the users, registrations and media. Managers are the first (of two) user roles in the pyramid that can change user roles, although they cannot bump a user up to Administrator.
At the top of the user roles pyramid, you have Administrators. You can probably guess what this user role can do. But to really spell it out, Administrators are the owners of the entire platform. Administrators have complete authority and can perform all the functions that are to be performed on the platform. They can even manage email templates, audit logs and the workflow queue. In simpler words, they have total control over all the activity performed on the platform. There’s really no better way to put it.
I want to reiterate that these roles and their permissions can be customized. You can give any user role more permissions by simply checking a box. You can also change the names of the roles to be more specific to or more recognizable in your organization. In fact, you can even add more roles if you need to.
What Role-Based Access Control (RBAC) Can Do
We’ve gone over how you can control access based on user roles, but you may be wondering exactly what you’re going to get out of this.
There are plenty of advantages to having user access control. The most obvious one is the added security. By granting access to video content on a need-to-know basis, you’ll be preventing unnecessary access to sensitive information. With user roles defined, you can effectively restrict users to certain actions and predict their actions based on their role not only on the platform, but in the entire organization.
This brings me to my next point. You can maintain your organizational hierarchy on your enterprise video sharing platform. In essence, you’ll be aligning your employee’s video sharing platform user roles with their organizational responsibilities. This means that you can significantly cut down the complexity of assigning and switching user access rights.
This brings me to my next point. You can maintain transparency across your video sharing platform. When you assign specific roles to the users that also align with their organizational roles, you can expect the actions each user will perform on the platform.
This one doesn’t quite tie in as neatly, but with user access control, you would find it easier to comply with statutory or regulatory requirements for privacy and confidentiality.
You Need Role-Based Access Control (RBAC)
“That’s all great, but why do I need RBAC?” I hear you ask. Well, that’s because there was a time when user access control on your enterprise video platform may have seemed like a luxury but today, it is basic cybersecurity. When your company uses videos for all kinds of internal and external communication, they become increasingly sensitive and need to be protected from unauthorized actions. It becomes increasingly important for you to control who does what on your video sharing platform.
For a system that allows you to add multiple users via emails and collectively through a CSV and more, proper segregation of users with RBAC is necessary for appropriate user management.
Large enterprises have many employees, sometimes in multiples of hundred. You can’t realistically keep track of what each of those employees does on your video sharing platform, chock full of recorded meetings, webinars, announcements, what have you. It’s much easier to tie those employees to their respective roles to make sure they only see and do what they’re supposed to. A train is more likely to follow the path that it should than an airplane. The difference is the rails that keep that train on the track.
Law enforcement agencies involve sensitive digital evidence files, including videos, audio and images. Not only do you want to limit who has access to the content, you also want to limit who can add content to the platform and monitor the evidence files that are added. Most importantly, you have to make sure that no one makes any unauthorized changes. Tampered evidence would never make it to court. It is extremely important to handle evidence files with the utmost care because they have a lot of bearing on a lot of lives.
Similarly, healthcare institutions deal with just as much private data. There’s a lot of sensitive patient information stored in videos that should be protected from unauthorized access for their privacy. Role-based security is one of the easiest way to do that.
VIDIZMO is a Gartner Magic Quadrant recognized enterprise video platform that takes security very seriously. To find out more about VIDIZMO’s capabilities and offerings