Frame.io Earns SOC2 Type 1 Compliance and Releases New Security Features for Enterprise Video Teams

2018-07-10 12:00:00

Frame.io Security Updates

Frame.io Security Updates

SOC2 Type 1 certification is a milestone in our efforts to keep customers' data protected. Ensuring customers’ content is safe and accessible is a responsibility we take very seriously. Now, when we say that your content is secure, you don't have to only take our word for it.

NEW YORK

Frame.io, the leading workflow management platform for video, has made significant steps to strengthen security in media environments, announcing that the company has received SOC2 TYPE 1 compliance, ensuring customers’ data is protected. In addition, the Frame.io video collaboration platform now includes two new security features: Visual Watermarking and Asset Lifecycle Management, expanding security management to front-line workflows.

“At Frame.io content security matters. It doesn’t just matter, it’s everything,” said Emery Wells, co-founder and CEO of Frame.io. “Earlier this year, I wrote an open letter to our customers about our growing security team and initiatives, with a promise to not just meet security best practices, but far exceed them. Becoming SOC2 Type 1 compliant is a big step toward our goal to lead in the content security space. And releasing new security features like Visual Watermarking and Asset Lifecycle Management is another way we can deliver on our promise.”

Ensuring Data Protection Through SOC2 Type 1 Compliance
As part of this compliance, Frame.io underwent a rigorous audit process conducted in accordance with the American Institute of Certified Public Accountants (AICPA). The audit process evaluated Frame.io against service controls derived from three key trust principles of SOC2 - security, availability, and confidentiality. That means all customers can rest assured their valuable media assets are protected from security threats today and well into the future.

“SOC2 Type 1 certification is a milestone in our efforts to keep customers' data protected,” stated Wells. “Ensuring customers’ content is safe and accessible is a responsibility we take very seriously. So instead of just talking about our security processes, we invited an independent third party auditor from an accredited auditing company and had them examine us against security, availability, and confidentiality controls. This is just the first of many measures Frame.io is taking to build the industry’s best security program. Now, when we say that your content is secure, you don't have to only take our word for it.”

As part of the audit process, auditors examined various internal controls and practices, including human resources, software development lifecycle, risk management & assessment, vendor management, change management, incident response process, security monitoring & operations, infrastructure & cloud security, physical security, and most importantly, the Frame.io management and board's commitment to security & privacy of Frame.io customers.

Customers can review a SOC2 Type 1 report, validating Frame.io security controls. The Frame.io SOC2 Type 1 report is available under NDA to all existing and potential customers.

Frame.io’s effort to obtain SOC2 Type 1 compliance was led by Frame.io Head of Information Security, Abhinav Srivastava. Abhinav joined Frame.io this past September from the AT&T Research Lab where he was leading a number of security research efforts. Abhinav and the Frame.io security team recently co-authored a white paper published on July 9th as a part of Usenix's HotCloud '18 Workshop on cloud computing.

Learn more on the Frame.io blog: https://blog.frame.io/2018/07/10/delivering-on-our-security-promise/.

Download the Frame.io Security white paper, Go Serverless: Securing Cloud via Serverless Design Patterns.

Security is not a checkbox, it is a never-ending part of the product development process. And so Frame.io has released two new features to further strengthen its ties with enterprise customers.

Introducing Visual Watermarking
Now admins and team managers can configure watermarks that are embedded onto any media their users upload to Frame.io. Admins can type out their own custom watermark, set its opacity, and choose where in the frame they want the watermark to appear. Then they can configure their team settings to automatically watermark the content their team uploads to Frame.io, helping deter any unauthorized sharing of their team's content.

Introducing Asset Lifecycle Management
With Asset Lifecycle Management, customers need not worry about cleaning out old videos from the platform; Frame.io does it for you on an automated cadence that you define. Admins and team managers can set a limit on the number of days a given asset will remain in Frame.io. Once an asset hits that limit, Frame.io automatically deletes it. Assets can be restored up to 30 days after deletion and admins can disable Asset Lifecycle Management on a per-project basis.

Asset Lifecycle Management is built for the enterprise admin that finds themselves removing assets from Frame.io constantly, whether that be for security, for better organization, or for increased storage capacity.

Download the Frame.io Security Updates press kit here.

About Frame.io
Frame.io powers the future of creative collaboration. Today’s leading media companies use Frame.io to streamline their video review and collaboration process with teammates, clients and a variety of other stakeholders. Frame.io is all about what happens before distribution, before you reach the finish line. They make getting there faster, smoother and more efficient with a single platform that works seamlessly across web and mobile. Frame.io for iOS is the winner of a 2016 Apple Design Award.

Frame.io is backed by industry heavyweights including FirstMark Capital, Accel Partners and Jared Leto. To learn more please visit http://frame.io.