How do I protect a webcast from unauthorized attendees?

Introduction

Depending on the target group and security level, there are various ways to secure a webcast. Basically, it is important to distinguish whether the webcast is intended solely for internal company employees or for an external group of people, e.g. media representatives.

There are two options for people external to the company: 

Simple password:

In addition to a simple registration form, a common password can also be assigned.

  1. Open the Registration menu and activate the “Registration” toggle. 
  2. Besides all the available query fields for the registration form, there is also a “password.” field in the right column. 
  3. Drag the field from the right column to the left column (from “available fields” to the “selected fields” column). 
    • If you want to collect information from your participants, drag more fields from the right column to the left one. 
  4. A little below the two columns, a line appears with the password set automatically. If it does not appear automatically, refresh your browser view (variants to refresh: Press F5, CTRL-R, Apple-R, click the Registration menu again, then click the reload icon next to the address line of the browser URL). 
  5. You can change the password to your own liking. Click on it, change it and confirm the change by clicking on the checkmark next to it. 
  6. Share the password along with the webcast URL with your potential viewers. Anyone who has knowledge of the password and URL can watch the webcast 

Personal invitation through SlideSync

If you know the external guests, and you want to make sure that only these invited guests can watch the webcast, SlideSync can send personal invitation emails with a personal key.

  1. Go to the “Registration” menu and activate the toggle “Restricted attendance”.
  2. Further down, you can type in the e-mail addresses of the attendees and trigger the invitation. The system will then create a personal key for this e-mail address.
  3. All invited attendees will be listed chronologically in the list below.
  4. If the attendee has not received an e-mail, the small circular arrow can be used to send another invitation with the same key.
  5. The attendee will receive an email with the personal link to the webcast. By clicking on it, he/she will be forwarded to the webcast.
  6. If a second viewer mistakenly gains access to this link and uses it, the first viewer will be informed about the double use of the link and will be kicked out of the webcast.
  7. The first viewer can click his/her link again, and the second viewer will be informed and removed from the webcast, etc.
  • SlideSync is not able to authenticate the correct participant. Only the multiple use of the link can be prevented. By deleting the entry in the list of invited participants, the access key can be deleted and access been blocked. In order for the legitimate recipient to receive valid access, a new invitation must be sent to the recipient. 

Advantages

  • Only designated persons can watch the webcast
  • By deleting the key on server side, a previously sent out invitation can be revoked
  • The e-mail adresses of the desired recipients for an invitation e-mail need to be known in advanced in order to be able to send out an invitation
  • Does work for company internal as well as external events.

Disadvantages

  • Those invitations need to be send by SlideSync. The origin e-mail adress is noreply@slidesync.com. Normally this e-mail address is not know by any recipient.
  • No guarantee can be given, whether the webcast attendee is the wanted person or not.
  • Currently, there is only a one by one solution possible in SlideSync backend. Long lists of attendees need to be uploaded by SlideSync-Support.
  • External security software as Microsoft Guard or Microsoft Safelinks can interfere with our invitation e-mails. They emulate a second user, which SlideSync does not allow. It leads to a disconnect on the real webcast attendee on the first connection attempt.

For corporate employees, the following options are available:

Automatic triggering of a personal invitation
for people with a company e-mail address:

  1. Go to the “Registration” menu and activate the toggle “Restricted attendance.” 
  2. In the line at “Allowed domains” add the domain of your company or even department.  
  3. (E.g. @example.com or @department1.example.com). 
  4. Distribute the attendee link using your own email program.
  5. The recipient of your email clicks on the link and is taken to a simple form page. There he/she has to enter his/her company email address (e.g. Max.Mustermann@example.com). If that domain is stored in the webcast, the system will send him/her an e-mail with his/her personal link. By clicking on this link he/she can attend in the webcast.
  • This link can be used only once at a time. If this link is shared with a second person, the second viewer will remove the first from the webcast.

Authentication by the employer
(Single sign-on via SAML or OAuth2)

This requires setup by in-house IT and SlideSync, as well as a Microsoft 365 account. 

An event group is created and the SAML option (which stands for Security Assertion Markup Language, a means of securing access) is set up by SlideSync IT. All webcasts created in this event group are protected by SAML. 

An employee logs into their company work computer at the beginning of their work hours. If this account is part of the company’s valid SAML group, he can see SAML-protected webcasts from SlideSync. 

If this employee is on a third-party computer, he is directed to a login page of his employer when he calls up the webcast link. There he authenticates himself with his company account. The person is then redirected to the webcast.