Cloudinary Blog

Blog posts of 'Security' tag
DAM for Developers: Access Control

In my last post, we spoke about AI-Based Content Analysis. Now, given the importance of security and privacy, authentication is at the heart of virtually all software. Access control is the layer on top of authentication that determines who can access what. Why is access control necessary? Because within most organizations nowadays is a multitude of digital assets stored in various folders, and functional teams need access to some of those assets to do their work even though their access to private assets must be restricted. Complexity arises as a result, especially during cross-functional collaboration among developers and other teams.

Read more
How to Deliver Images Through an HTTPS-Based CDN

A standard invented in the 1990s by Netscape, secure HTTP (HTTPS) safeguards and encrypts web content by combining two protocols: HTTP (for communications) and Transport Layer Security (TLS) (for encryption). Since then, that standard has been widely adopted for e-commerce and banking sites. According to HTTP Archive, despite its cost, complexity, and slower performance, HTTPS has been gaining popularity since 2015, with the number of related sites rising by over 70 percent that year—an increase from 14 to 24 percent of all sites.

Read more
Secure Image Transformations With Signed URLs
Modern websites and mobile apps frequently showcase images of various dimensions, sometimes varying the graphics, resolutions, and look and feel for different devices (desktop, mobile, etc.); and revamping the graphics with upgrades.
 
A key benefit Cloudinary offers is an easy, intuitive, and flexible process of modifying images. A case in point: by setting simple parameters in our dynamic URLs, you can resize or crop images, alter their shapes, and apply effects. After transforming images on the fly in the cloud and optimizing the resulting thumbnails, Cloudinary delivers them through a fast content delivery network (CDN).
 
All that makes it a snap to view the various images derived from a single high-resolution source. Here's an example of a dynamic image-manipulation URL in action:
Read more
Improve Customer Data Protection with GDPR Implementation

TL;DR

Yay! We've done it! Gold-Star for us! We've talked with all the people, made all the changes, paid all the lawyers and checked all the boxes. GDPR? ✅Done!

Not so fast. Of course, conforming to the GDPR regulations introduced in Europe is just the beginning. This is a process and a state of mind that must become part of our long-term cultural ethos.

Read more
How to Secure Images and Video Uploads to Your Systems

When was the last time you got paid $40,000 for a few days of work? That is what happened last year to Russian independent security researcher Andrey Leonov, who discovered that if you upload a specially constructed image file to Facebook, you can make Facebook's internal servers, nested deep within their firewalls, run arbitrary commands to expose sensitive internal files in a way that could easily lead to a data breach.

Read more
How To Use Cookie-Based Authentication to Protect Visual Media

Controlling who can access your images and videos, and when, can be an important concern for your business and security workflow. You may have resources that you only want some of your users or employees to access, or you may need to make sure that your original resources are secure, and only transformed (edited) versions of your resources are delivered, e.g., with a watermark or logo displayed.

Read more
Cloudinary now delivers images and videos over HTTP/2

Even though websites have changed dramatically over the years – from simple text-based pages to advanced in-browser apps full of images and videos – the underlying HTTP protocol really hasn’t changed - until recently, with the approval of the HTTP/2 protocol by the IETF. Today Cloudinary is proud to announce, as part of a CDN infrastructure upgrade, general availability of HTTP/2 support in our image and video management solution. This will help you optimize the user experience on your app or website even more.

Read more