PRODUCT
Security.
Enterprise-grade by design.
Doors is built to power critical media operations for broadcasters, rights holders, and large organizations. Security is not an afterthought — it’s a foundation.
Content Security
Doors does not handle raw video or audio assets directly. Instead, it orchestrates metadata, availability, and playback rules. For encryption and DRM, Doors integrates with your chosen systems — such as transcoding services, DRM proxies, license servers, and CDNs.
During playback, only the end-user applications (TV, mobile, web) access video streams. They retrieve keys securely from your DRM provider, ensuring compliance with industry standards and keeping content protected across the entire delivery chain.
Authentication & Identity
OIDC integration → Connect Doors to your existing identity provider (e.g. Azure AD, Auth0, Google Workspace).
Passkeys → Modern, passwordless authentication built in. Works even in offline or air-gapped environments.
No password storage → Doors does not store user credentials.
Access & Permissions
Role-based access → Permissions are set per node in the EMS graph, ensuring fine-grained control.
Row-level security → Data access is enforced at the database layer, so users can only access what they’re authorized to see.
Audit & Compliance
Every action in the EMS is logged as a resource event. This creates a complete audit trail for changes such as content updates, configuration edits, or access to user-related data. It ensures accountability and supports compliance requirements.
Hosting & Infrastructure
Doors runs in your environment — cloud or on-premises. That means perimeter defenses, firewalls, and network policies follow your organization’s standards.
Docker + Kubernetes → Enterprise-grade deployment, designed for reliability at scale.
Encryption in transit → All communication uses HTTPS and secure WebSockets (WSS).
Data at rest → Clients can enable encryption at the storage layer according to their policies.
Sensitive Data
Doors does not process or store payment data. All payment handling remains with your chosen provider, ensuring PCI-DSS compliance.
Ongoing Security
Doors is responsible for maintaining and updating the software itself, including patches and security updates, while you retain full control over infrastructure.