SUPER DRAFT TO NOT PUBLISH YET 

Security issues maybe to add to FAQ (please review and delete this page if no longer needed):

Data Protection within the services

The TriCaster Now service employs advanced security mechanisms to safeguard your data.

Encryption technologies are utilized for data at rest, ensuring that stored information is secure from unauthorized access.

We continuously enhance and update our security protocols to align with the latest security standards and best practices.

Preventing Unauthorized Access

Robust security measures, including Multi-Factor Authentication (MFA), are in place to reinforce the security of user accounts and data.

MFA adds an extra layer of security by requiring users to provide two or more verification factors to gain access, ensuring that your credentials and data remain secure.

Data Encryption Protocols

While data at rest is securely encrypted, we also prioritize the security of data in transit.

Most surfaces for data in transit are covered, with ongoing efforts to upgrade the security level of components like LivePanel and API that still use HTTP.

Video and audio feeds transmitted with NDI Bridge are encrypted to maintain confidentiality and integrity.

Compliance Certifications and Standards

The service is designed in alignment with recognized security standards and compliance certifications, ensuring that your data is managed and protected adhering to stringent regulatory and industry benchmarks.

User's Role in Security

While the platform provides foundational security features, users have a pivotal role in enhancing security.

Following security best practices to protect your network and data is crucial.

Implementing additional security software, including antivirus, anti-malware, and exploit mitigation tools, can bolster defense against malicious code and cyber threats.

Key Takeaways:

  • Ongoing Security Enhancements: We are committed to continuously improving the security features of the TriCaster Now service, including upgrading the security level of components like LivePanel and API.

  • User Collaboration: Users are encouraged to actively participate in securing their data and networks. Implementing security best practices and additional defense mechanisms amplifies the overall security posture.

  • Comprehensive Security Approach: TriCaster’s security approach is comprehensive, combining platform’s built-in security features with users’ proactive security measures to ensure optimal data protection.

Training - Security Education Section in Customer Training Program

Potential topics to be evaluated

  1. Shared Responsibility Model (Cloud Aspect):
    1. Clarify the shared responsibility model when using cloud services like TriCaster Now.
    2. Highlight which security aspects are the responsibility of the cloud provider (Vizrt) and which fall under the user's responsibility.
  2. Access Control and Authentication:
    1. ?Implement robust access controls to ensure only authorized personnel can access TriCaster Now.
    2. ?Educate users on strong password policies, including regular password changes and the use of multi-factor authentication (MFA).
    3. Emphasize the importance of not sharing passwords or access credentials.
  3. Network Security (On-Premises):
    1. Educate users about best practices for securing their local network infrastructure.
    2. Encourage the use of firewalls, intrusion detection systems, and network segmentation.
    3. Emphasize the need for regular network vulnerability assessments.
    4. Risks associated with open ports and potential vulnerabilities. PORT 80
  4. Malware Protection (On-Premises):
    1. Advise users to install and regularly update antivirus and anti-malware software on their local machines.
    2. Educate them on the risks associated with downloading and opening files from untrusted sources.
  5. Data Encryption:
    1. Explain the importance of data encryption, both in transit and at rest.
    2. Encourage the use of encryption protocols and tools for sensitive data.
  6. File Upload Security:
    1. Teach users to scan files for malware before uploading them to TriCaster Now.
    2. Emphasize the risks of uploading malicious files.
  7. Patch Management (On-Premises):
    1. Stress the significance of regularly updating operating systems and software.
    2. Explain the role of software patches in addressing security vulnerabilities.
  8. Incident Response and Reporting:
    1. Provide guidelines for recognizing and reporting security incidents.
    2. Explain the procedures for handling security breaches and the importance of timely reporting.
  9. Physical Security (On-Premises):
    1. Discuss the importance of physically securing servers and network equipment in on-premises environments.
    2. Emphasize controlled access to server rooms.
  10. Compliance and Regulations:
    1. ?Educate users about relevant compliance standards, such as GDPR, HIPAA, or industry-specific regulations.
    2. ?Explain their responsibilities for adhering to these standards when handling sensitive data.
  11. Continuous Training and Updates:
    1. Stress the importance of staying informed about evolving security threats.
    2. Encourage users to attend regular security training sessions and stay up-to-date with security best practices.
  12. Reporting Suspicious Activity (On-Premises and Cloud):
    1. Instruct users on how to report any suspicious activity related to their on-premises setup or TriCaster Now usage.





https://shadow.tech/en-GB/faq

Is Shadow secure?

Yes. With Shadow, you are the security and anti-virus handler, exactly as you would be on a regular PC.

That being said, as with any Windows 10 PC, your Shadow will have Windows Defender enabled and installed at startup.

We strongly advise you to either keep this protection or change it, but always have an active antivirus.

On the machine side, your Shadow is hosted in a Tier 3 + datacenter, managed by an ISO 27001 certified company (Secured Hosting of IT Infrastructure).

A dedicated team is permanently present on site, 24 hours a day.

We also have effective protection systems against cyber-attacks (for example, firewalls against DDoS and other threats), and we encrypt the data sent from your hardware to the machine where you launch Shadow.

Finally, one of the many advantages of Shadow is the redundancy system: if a physical component fails (such as the hard drive, for example), its copy automatically takes over, so your data is not lost and you can still access your Shadow account.


Do you see what I'm doing on my Shadow?

Only you have access to your computer, and only you can know what is stored in it.

You are the only one who can access your account data.

However, our systems monitor the server hardware component usage to control the temperature and energy consumption of the data center.


Can I permanently delete all my data?

Yes, just like on a regular computer. For a more radical way, you also can reset your disk in your customer account.


NOTES

DATA AT REST and IN TRANSIT

ADD DETAILS REGARDING NDI BRIDGE 

LOGIN and MFA 

NETWORKING BEST PRACTICE 

CERTIFICATE: each tenant has got its own certificate 

Make something special for LIVE PANEL HTTP

  • How is my data protected within the platform?
  • What security measures are in place to prevent unauthorized access?
  • Is data encryption used to secure my information?
  • Are there any compliance certifications or standards that the platform adheres to?