Encrypt Player Storage [Enterprise Plan only]

Posted by on January 22nd, 2021

Yodeck player based on Raspberry Pi

⚠️This section is available only for players based on Raspberry Pi. For other player types, this section won’t be displayed at all. More details about the Yodeck Player based on Raspberry Pi can be found here.

Introduction

By enabling this option on your player, you can encrypt the entire Storage partition for your content to be safe.

If someone steals your Player, they won’t be able to access any of your media or information outside your network. That includes files, passwords, and usernames.

You can find this feature in the Advanced Settings under the Security tab.

Encrypt Player Storage Yodeck

Encrypt Media Storage on Player

By enabling this option, the player will encrypt the entire Storage partition.

Even if someone removes the SD card, he will not be able to extract any content stored on that partition.

You will see the image below on your TV screen by clicking the Save button.

After completing this process, the storage partition on your player will be encrypted.

Media Storage encrypted

If the player does not have access to the internet, you will see the below error message.

The player needs to connect to our server to retrieve the key and decrypt the encrypted partition when booting.

Media Storage encrypted

Store the encryption key also in the Player

By enabling this option, the player will store the key locally and will be able to decrypt the encrypted partition even when it is offline.

If you store the key on the Player, it will be able to work offline. A determined engineer may be able to extract the key and decrypt your data.

IP Address Whitelist for Key Retrieval

If you have enabled the option to store the Encryption key locally, you cannot use the Whitelist option. Only one decryption method can be active each time.

You can specify your public IPs (or subnets) with this option. Players will not get the Encryption Key from our platform if they connect from other networks, and you will get an email warning.

If the player boots on a different network than the ones you have whitelisted, the message below will be displayed on the TV screen.

Also, the player will display offline in your account until you boot the specific player on one of your Whitelisted networks.

Email Warning Sample

Subject: Device connection attempts from non-whitelisted IP Addresses

During the last hour, the following encrypted devices attempted to connect from non-whitelisted IP addresses:

  • Device ID: 9999
  • Device Name: Test Monitor
  • IP Addresses: xxx.xxx.xxx.xxx

Need Help?

The Yodeck Support Team can help you out! Reach out!