How to create a secure podcast channel for internal podcasting
May 11, 2009 10 Comments
One of the things which are pretty crucial when you do internal podcasting and deal with sensitive information is the security level you implement in order to protect the sensitive information from unwanted eyes. In the early days when we implemented one of our first podcast series for a pharma company we were shocked to realize that all podcasts showed up in regular podcatch sites such as Odeo. Especially embarassing when Corporate Communications found out about it. Not good.
We learned a lot since. However, most knowledge we learned from trial and error. Surprisingly not a lot can be found on the internet about the process involved. Sure, there are many podcast hosting sites where you can upload your podcast, create a feed and submit it to iTunes. But when you do internal podcasting that is exactly what you do not want to do. Remember, when you use internal podcasting for business purposes two things are important:
1) You do not want your podcast to be found by the Googles in this world
2) You want to password protect your content
In addition, podcasters should in general consider the following as well:
3) You want to be flexible in your decision which hosting service you use
4) You do not want your feed to change since that will result in losing listeners
Regular podcast hosting services are aimed at obtaining an audience as large as possible, and create buzz wherever possible. Internal podcasting wants to stay below the radar, only accessable to selected members.
A few hosting companies have specialized themselves in this area. But not a lot. We have been using Podkive from Genetic Hosting for a while which provides easy creation of the feed through a simple web interface. However, lately they have been having some problems with their uptime, so I decided it was time to investigate other possibilities.
After half a day I think I have figured it out. It does require some logic thinking and I have to admit, it’s not for the technofobes. But it works. Until somebody comes up with an easy point and click system this is what we’ll be using. Let’s have a look.
The ten steps of creating a secure podcast channel:
- Take an account with a reliable hosting service which offers password protected directories. I’m not providing any ‘reliable hosting service-lists’ since you can find these plenty on the internet. Make sure that you have sufficient storage and bandwidth.
- In your home directory, create two folders: one for the files (video/audio) and one for the XML file.
- Password protect the folder with the files. Do not password protect the folder with the XML file.
- Upload your content via FTP to your files directory.
- Fire up your feed creation software. I use Feeder for that (Mac only, I’m sure Windows has similar programs too). Create your feed. This may require some setting and filling in the right paths where to find the content.
- Upload your XML feed via the software to the unprotected folder in your host directory.
- Check if your feed works. Copy and paste the feed address in your browser. If all went OK you should get a pop-up window asking for your username/password when you want to access the content.
- Now it’s time to make sure you will have the same feed till the end of days. Go to Feedburner.com and burn your just created feed into a Feedburner feed.
- Take this feedburner feed (starting with feeds2.feedburner.com/[feedname] and check if it works in your browser. Again you should see a pop-up window asking for your username/password. Fill in your credentials. You should be able to see your content
- Copy and paste the Feedburner feed into iTunes (Menu Advanced/Subscribe to podcast…). Hit OK. Fill in your username/password and off you go (remember to check ‘Remember Password’)
Because the folder with your content is password protected, Google spiders can not enter and hence can not find your data. If somebody finds the original path (which is difficult since it goes through Feedburner) they still can’t access your files without udername/password. If you want to change hosting services you just link a new feed to your Feedburner feed. End users won’t see the difference.
We think this is a nifty way of creating a secured channel. Is it 100% secure? Most probably not. Die-hard hackers will be able to hack into everything. And remember: the chain is as strong as the weakest link. Change username/password regularly, especially when people leave the company. And of course the morst important tip of the day: Don’t use sensitive information in your podcasts. We use no absolute figures when we talk about sales developments, only percentages. Treat this digital communication channel as any other. Cautiously.