Many of our clients are required to comply with MPAA security standards in their day-to-day digital workflow. Wiredrive has numerous security features that aid in this process which can be read about on our security overview below.
This article is intended to give a more streamlined overview of how Wiredrive addresses the Digital Security requirements recommended by the MPAA. Keep in mind that this is not a full list, rather this just touches upon the areas that apply to Wiredrive in the content transfer portion of the program.
Transfer Tools
- MPAA recommends that companies use transfer tools that have access controls, at least AES 128-bit encryption and strong authentication. Wiredrive offers AES 256 bit encryption by default with fall back to 128-bit.
Transfer Device Methodologies
- Remove content from transfer devices immediately after receipt. Wiredrive users can delete content with a single click.
- Use receipt notifications to verify successful transfer of content. Wiredrive offers "Presentation has been viewed" receipts as well as view detailed analytics.
- Remove client access to transfer tool immediately after the successful transfer. Wiredrive allows four levels of access for users. Access can be revoked by administrators immediately.
Client Portal
- Assign unique credentials (username + password) to individual portal users. Send credentials via secure email. Require a minimum password length of 10 characters. Wiredrive requires a minimum password length of 8 characters in line with OWASP best practices.
- Ensure that user only has access to their digital assets and not those of other clients + users. Implement a process to review permissions and ensure that access is limited only to those who need it. Wiredrive allows controls that limit user's access to specific projects + assets.
- Use HTTPS and enforce the use of a strong cipher suite for the internal/ external web portal. All Wiredrive traffic uses SSL with AES 256 bit and 128-bit ciphers.
- Do not use persistent cookies or cookies that store credentials in plaintext. Cookies are destroyed at the end of a session. All passwords are encrypted and stored in the Wiredrive database using modern cryptography.
- Set access to content on both internal and external portals to automatically expire at set intervals. Wiredrive offers both automatic and manual expiration of Presentations and Presentation assets.
- Test for web application vulnerabilities (using industry accepted testing guidelines) annually and correct any validated issues. Wiredrive performs continuous automated testing using a top tier web security organization.
Comments
0 comments
Please sign in to leave a comment.