logo

Live Production Software Forums


Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Options
Go to last post Go to first unread
farukhcasy2  
#1 Posted : Saturday, July 25, 2020 3:19:53 PM(UTC)
farukhcasy2

Rank: Newbie

Groups: Registered
Joined: 7/25/2020(UTC)
Posts: 1

Hi all,

Anyone had luck getting vMix onboarded through their company's IT security? The company I work for requires security penetration test results and other security documentation - things vMix, being a small company, isn't willing/capable of providing. Anyone currently using vMix in a corporate setting? Was it approved by IT security? Curious about how to get through this barrier. Thanks in advance.
Catchb  
#2 Posted : Saturday, March 27, 2021 10:24:55 AM(UTC)
Catchb

Rank: Newbie

Groups: Registered
Joined: 3/27/2021(UTC)
Posts: 1

Hi,

Any luck with this? We are in the same situation as well. How did you tackle this?
SuperBill  
#3 Posted : Sunday, March 28, 2021 2:01:57 AM(UTC)
SuperBill

Rank: Advanced Member

Groups: Registered
Joined: 2/5/2021(UTC)
Posts: 32
Canada

Thanks: 2 times
Was thanked: 3 time(s) in 3 post(s)
Probably best to have a sit down with your IT director to find out what they really need vs what the generic corporate policy is. Vmix brings extraordinary value.

Almost any corporation that needs this also has a sandboxing, dmz or isolated environment for projects.
djones02  
#4 Posted : Saturday, January 29, 2022 9:28:36 AM(UTC)
djones02

Rank: Member

Groups: Registered
Joined: 4/14/2021(UTC)
Posts: 15
Canada

Was thanked: 1 time(s) in 1 post(s)
Is there any info on vMix's security and dev practices?
Corp security would like to know.

lbgaus  
#5 Posted : Tuesday, February 1, 2022 8:42:54 PM(UTC)
lbgaus

Rank: Advanced Member

Groups: Registered
Joined: 11/30/2013(UTC)
Posts: 165
Location: Seoul, South Korea

Thanks: 39 times
Was thanked: 19 time(s) in 14 post(s)
I have vMix running in several systems at my workplace. Every company has different IT security strategies, we have several different tiers of network subnets with different operational requirements based on business impact if a system were to be compromised.

You can argue with the IT department all day, but in the end documented security and dev practices are really just a warm blanket that give a false sense of security until a security researcher posts something on twitter and the hurricane from that blows the blanket clean off. If deploying a new system, it is the best to design your network so that if something is compromised, it is contained. If you are facing headwinds from your company and aren't getting anywhere, ask for a new VLAN to be setup whose devices are "untrusted" and your company firewall blocks everything except designated traffic you've approved to get in or out.
djones02  
#6 Posted : Thursday, February 3, 2022 8:09:39 AM(UTC)
djones02

Rank: Member

Groups: Registered
Joined: 4/14/2021(UTC)
Posts: 15
Canada

Was thanked: 1 time(s) in 1 post(s)
This isn't about a false sense of security or not trusting or anything else you mentioned.
It's called a security evaluation that is done on all projects and applications.

Security is not here to tell the business what to do or not do.
They can only recommend controls and best practices to mitigate shortcomings.

For example vMix recommends no Anti Virus except Windows Defender which is fine.
When evaluating a Tricaster they didn't want any AV at all on their product which meant trying to engineer a firewall that could follow the encoder on a cart around offsite or onsite.


The only question I can't answer right now is..
"Are secure development practices applied during application development to protect against the intentional or unintentional introduction of security vulnerabilities development?"
Users browsing this topic
Guest
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.