An important function as an administrator is to make sure your company's ever-evolving content, many of which are important commercial assets, is secure. In Acoustic content, you have the control to secure your content in several layers.
Here is how you can enable security at multiple levels:
Two Factor Authentication (2FA)
Acoustic Content has already enabled this extra layer of security for your hub. Any user trying to access your hub must log in with IBMid and password and then provide a second authentication credential in the form of a One-Time Password(OTP) sent to your subscriber email. The Two Factor Authentication is only required when you first access Watson™ Content Hub or when risk attributes of device, locale, or language are identified.
Cross-origin resource sharing
Sometimes it may be desirable or even necessary to access your content from a different domain. But, you don't want just anyone to be able to retrieve your content from your hub. So how do you control which domains can access your hub?
All you have to do is add the domains that you trust under the CORS setting, in your hub's Security page under Settings > Administration tab. Only add domains that require access to the content and assets stored in your hub, such as your web servers or your development environment.
The domain format must be protocol://server:port, where the protocol is either HTTP or https, the server is either your server name or its IP address, and the port is the port number of your server. For example, http://my.domain.org:80
Note: Only requests made using Cross-Origin Resource Sharing (CORS) are affected by this setting. The CORS support applies only to Acoustic Content API calls and not for accessing static resources.
Pages and content authentication
You can also provide your marketers to set a security layer at a more granular level. They can control access to the content they published to the delivery environment (CDN) by requiring authentication.
All you need to do is enable the Pages and content authentication setting from the Security page under the Settings > Administration tab.
Enabling this security option gives your marketers and content composers the option to set access requirements as they create their page or from editing page settings on existing pages in the site manager. Composers can also discover this security option as they create or edit individual content items.