Enterprise Video from the Other Side of the Firewall
In the 2016 Streaming Media Industry Sourcebook, Tim Siglin put together a Buyer's Guide to Enterprise Video Platforms. His article covered a number of bases from CDNs through to formats, OS, location, and security, and touched on these points with just the right level of detail.
This served as food for thought for those about to dip their toes into the EVP market, or those considering a change of vendor or technologies.
And this got me thinking. The article is from the perspective of what a vendor can potentially offer, not necessarily from what a customer perhaps would ultimately need. Having been the "other side of the firewall" on a number of projects, I thought it might be useful for people to see some of the other types of challenges presented to those wishing to deploy an EVP.
We can stick with some of the same headings that Tim has used for the sake of clarity and consistency.
A number of enterprises now use Thin Clients, most of which still rely on Flash or Windows Media (for multicast support) because of the way that video information is rendered for the display device. If players and codecs are not optimized it can result in huge amounts of bandwidth being consumed for a single video clip.
We'd all like to finally see Flash disappear given the frequency of updates. The software for thin clients is catching up and HTML5 support is coming, but is not quite there—so no fancy WebRTC support right now. And the same is true for desktops as well; many enterprises will be using a legacy OS, maybe even as far back as Windows XP and old browser technologies such as IE11. No auto-updating Chrome, I’m afraid. To make matters even more complex, there are likely to be many browser restrictions as well for plugins and the like.
Location, Lifecycle, and Security
Cloud-based services are developing at a fantastic rate with offerings from many different vendors. As Tim suggested, certain types of content can be ring-fenced and restrictions placed on who can access what from where.
Alas, that is nowhere near enough for most enterprises. They have different classes and categories of content that only certain people can view within certain areas. Pieces of content may be subject to regulatory control and internal compliance departments may stipulate that content can only be stored on dedicated systems. No shared cloud services here—but possibly private cloud.
And content may need to be encrypted at rest and in transport as well, with DRM and tokenized playback to ensure that only the intended recipient can view it.
In addition, certain countries place strict controls on where content created in that country can be stored and viewed, adding to the headache. For example, if I created the content in Singapore, but then flew to another office, would I be able to view that content, from a technical and regulatory standpoint?
It should be noted that certain types of content that are part of a financial transaction in regulated markets like equities may have to be retained if they are part of a deal-making process. And that retention policy could be for the length of the deal—so if it’s a 10-year bond, you have to keep that clip for at least 10 years. And certain regulators were stipulating that these clips needed to be retained on WORM drives, of all things, though this has been recently updated.
Proper lifecycle management is tremendously important. The ability to expire, retire, and retain clips easily is high up on the list.
Authentication is also an important area, ensuring that only those with the right level of permission can view a clip. Systems may need to support technologies such as single sign-on (SSO) and the use of LDAP/active directory. Again, these systems could be heavily loaded and several thousand people trying to authenticate against the latest town hall at the same time may cause things (and other systems) to grind to a halt.
The YouTube of the enterprise is still a long way off for most enterprises. It took a long time for most organisations to develop an acceptable use policy for emails. Now they have video to contend with.
Clips destined for certain audiences may need to be reviewed and approved before distribution. We like that; it makes sense. Different departments may have different requirements for approvals, so the ability to be flexible in this area is incredibly important.
And a full audit trail please—so we can see who did what, when and so on.
This is where it gets really interesting. Most enterprises have highly developed data centres running the latest operating systems with virtualisation capabilities. If software is packaged as some kind of VM image this may make installation and integration much easier. If you want to deploy an appliance or dedicated hardware, you could be looking at a risk assessment process that can take up to a year in some organisations!
These risk assessments delve under the hood looking at password rules, failed logins, broker accounts for administration, open ports, and a multitude of other settings and requirements. Jumping through all of these hoops is not quite mission impossible, but damn close. Some institutions will flatly refuse certain appliances or boxes running certain flavours of operating system.
And we haven't even started discussing the actual underlying network yet. Corporate networks have grown to embrace huge amounts of data, running gigabit and faster to the desktop and multi gigabit speeds across the campus. Still, lots of the glue holding these networks together were not designed to handle 10,000 people trying to simultaneously view a unicast video. Caching and proxy services can be stretched to breaking point, impacting other more important services on the network. You may think your town hall webcast is the most important thing to deliver—but try explaining that to a foreign exchange trader that has just lost access to his live market data services because of the latest ego-cast. Good luck with that.
The enterprise is a hugely complex beast, moving slower than a sloth on sleeping pills. There are ways to speed up in certain areas without cutting corners, but you will likely be at the mercy of some highly experienced IT and security professionals that can destroy the joy and enthusiasm of a vendor before they have their first coffee of the day. And rightly so—they are the defenders of the empire and don’t want to let the drawbridge down to just anyone.