Digital Media Core: Security
Too many people think of good security as an impregnable fortress.
It’s actually pretty easy to create a nearly perfectly secure computer; just cut all of the cables leading to or from it and encase it in a couple of tons of concrete. It’s not especially useful but it is very secure.
This problem is worse in a modern content business. Creative people are notoriously intolerant of security and will work around almost any system that gets in their way, so it’s especially important that the system be designed in such a way as to work seamlessly with the workflow of the business.
We want the security profile to fully support the complex business relationships that are often found in large content businesses and traditionally have been impossible to securely maintain in smaller shops. External contractors, vendors, clients & partners all want/need to have access at different levels to your network. Perhaps a contractor or vendor just needs to upload a completed asset or download some concepts; this should be managed as a part of a complete security framework that supports this kind of usage. Trusted partners may have the ability to access, perhaps even to contribute, to your knowledgebase; read notes on various aspects of a project, review work that has been done, file or resolve bugs. This type of system is almost a prerequisite for effective outsourcing. When you have simple control over the level and type of access that is provided and it is done in a structured, secure and auditable manner, great productivity benefits are only a few clicks away.
This does not mean that you “open the Kimono” to partners, in fact, entirely the opposite. With a modern security and permissions system in place partners only have access to the information that they are supposed to, instead of using whatever horrible kludges and workarounds are in place at the moment, unaudited, not even verified and probably not authorised.