Best Practices - Live Streaming Security
HTTP Large
Smooth Streaming
Authentication keys should be treated like any other security credential or password. It is paramount to keep these keys as secure as possible. We have observed incidents in which customers lost control of their authentication keys and then experienced unauthorized streaming on their account.
Although authentication keys may be exposed as plain text in an encoder or streaming tool configuration, cautionary steps should be taken to prevent them from falling into the wrong hands. The following precautions are recommended:
- Ensure that authentication keys are never shared outside of your organization. For example, they should not be inadvertently posted on an online support form.
- Periodically change your authentication keys.
- Periodically check for publishing points that are no longer needed and delete them.
- Perform general administrative security tasks on a regular basis. These tasks include:
- Remove old user accounts.
- Change passwords on a regular basis.
- Reminder users to use complex passwords.