As podcasting popularity continues to rise for personal use, enterprise teams are taking notice and increasingly looking to utilize a corporate podcast for secure, corporate communications in an effort to better enable their employees, partners, and customers. However, since the vast majority of podcasting software is intended to deliver podcasts for public consumption, many enterprises are having difficulty figuring out how to make use of this compelling medium while meeting enterprise media security requirements.
The following four steps outline how to ensure your secure and private corporate podcast content is only available to your approved audience, whether that’s internal employees, partners, or customers.
Step 1: Deliver Your Corporate Podcast in a Company-Owned App
Many people initially consider getting started with a corporate podcast by distributing their content just like public-facing podcast creators do - through an RSS feed. You can password protect an RSS feed, but that still leaves your podcasts very vulnerable to being shared outside your intended audience. Once a user enters their credentials to access the feed, you no longer have any control over what they do with that content, including who they share it with.
This is why uStudio recommends investing in a standalone secure private podcast app for delivering corporate podcast content to your defined audience. With a dedicated app, your organization has complete control over how your audience can access and interact with your content. This level of control is imperative for meeting enterprise content security requirements, but it also allows for other benefits like around branding, analytics, and integrations.
Step 2: Restrict Access to the Corporate Podcast App
Once you have a standalone secure private podcast app, you gain the ability to use the same auth system that your audience already has credentials for to restrict access to the app. Integrating your own authentication provider provides a great shortcut for working with IT to meet security requirements because that provider has already been approved for use to restrict access to the same audience in other areas of the business.
This also lays the groundwork for enabling more sophisticated audience segmentation in the future as your corporate podcast program grows. Because you have access to more data about each of your users through that integrated auth system, you’ll have the ability to restrict access even further within the app based on attributes like location, department, or seniority.
Step 3: Lock Down the Media Players and Streams
Most of the aspiring corporate podcast creators we speak to don’t initially consider player and stream security when defining podcast security requirements. It’s easy to forget, especially with audio podcasts, that your podcast app is chock full of media players that have their own URLs and ultimately provide the window for accessing the media streams themselves. Without security at the player and stream levels, you can’t prevent authorized users from sharing your sensitive corporate podcast content outside of your app.
At uStudio, we use what’s a called a signed embed system to secure the players and streams in our Corporate Podcast Solution. This system entails generating a series of unique signatures and verifying them across the mobile app server, the uStudio Platform, and the CDN. By implementing these checkpoints, we can be confident that the only time a player and stream will load and play is when an authorized user requests it from inside the application.
**Special Consideration for Offline Mode**
One secure podcasting feature that appeals to many content creators is enabling their audience to access content from anywhere, including places like airplanes where an internet connection isn’t available. Many of the security configurations we recommend in this post depend on connecting to the internet to ask various systems whether a user has permission to access the content before allowing it to play. Unfortunately, if a user isn’t connected to the internet when they go to stream an episode, this isn’t an option.
For some organizations, this may mean that offering an offline corporate podcast experience isn’t compatible with their security needs. However, there are ways to mitigate the security risks of offline mode that can be configured. If you want to talk about more about about those options, contact us!
Ready to get started with corporate podcasting? Visit our product page to learn more about uStudio Enterprise Podcast