To paraphrase a line from one of our platform colleagues at Avid:
There is no such thing as a completely secure system
Generally speaking, aside from anything Sibelius-related, a good way of working is to always assume that a system is insecure. Now, there's no need to be paranoid, but it's useful to bear in mind when you're planning the infrastructure of your site - after all, if your publishing business is going to be successful it's worth spending some time and effort in protecting your music.
Security standards employed by Sibelius Cloud Publishing
Keeping you and your data safe is of the utmost importance. Sibelius Cloud Publishing runs on the Avid Platform, which has been built from the ground up to be a secure environment for media-industry customers to work with. It employs many of the same techniques that you'll find, for example, at your bank to ensure secure communication and storage of your data.
Risks of publishing your scores online
It's worth pointing out that as soon as you display your score to a user in any form then it's possible for your score to be stolen!
Aside from adopting decent security practices, the best way of encouraging the legal use of your music is to provide a compelling user experience that is not easy to duplicate. The attraction for users therefore is not simply the music itself but also the extra goodies that you provide, be they features, added downloadable content, or whatever you may choose to develop.
Meanwhile, we're also actively working with music publishing associations to automatically limit and prevent copyright theft.
Printing is probably the most simple and common route of stealing your music. It's not new to Sibelius Cloud Publishing. It's called the photocopier!
Sibelius Cloud Publishing allows you to easily create deterrents to this approach:
- Only display an excerpt of your score before the customer has made a purchase. Once the score has been purchased, display a full version of the score and allow them to print. Of course, this approach doesn't guarantee that user won't then go on to photocopy your score but at least you can guarantee that a user purchases it at least once.
- Watermark your score - Sibelius Cloud Publishing allows you to embed text in your score on a per-view basis. You can use this text to embed any message of your choosing in your score, which will then be printed. You could embed for example your licensing terms: "licensed to Joe Bloggs for 2 copies only".
- Disallow printing altogether - there's no reason why you have to allow printing at all! If you're going to take this approach, you'll probably want to think about the design of your site to give users a way of viewing scores that they've previously purchased.
Every time you request a view of a score, a unique viewer URL is generated.
This URL expires after two hours by default, or you can specify a custom expiry if you wish. This prevents a user from gaining permanent access to any of your scores.
Reporting security flaws
If you find a security hole, or even if you just have a security related question, please let us know. It's something we take very seriously.