How your data is protected
Content uploaded to Screens (playlists, images, videos, URLs, Canva designs, Google Slides, etc.) is stored and served with the same security and privacy best practices that apply to every other area of the Envoy Dashboard.
Specifically:
Your Screens content is only accessible to people and devices that have permission to see it
Devices paired to your account can only display content from your account
Internal-only URLs (for example, an intranet page only reachable on your corporate network) remain internal
If only your device can reach the URL on your local network, Envoy and anyone outside your network can't see the page either. Envoy simply tells your device which URL to load.
Controlling access
Admin access to Screens settings, playlists, and devices follows the same role-based permissions as the rest of the Envoy Dashboard. You can learn more in Assigning roles & permissions to admins.
Securely pairing devices
Screens devices can be paired in three different ways:
Pairing code: a short, time-limited code generated on the device. The code expires after use.
Device URL: a unique URL that the device loads on startup. Device URLs are designed to be loadable by the device without a login step, which makes them convenient for Zoom Rooms, Teams Rooms, and kiosk setups, but it also means anyone with the URL can pair as that device. Treat Device URLs like a credential.
CSV: a bulk import for external devices. You export device data from your external system, upload it to Envoy, and your admin then pushes Envoy Screens to each device. Because no code or URL is ever entered on the device itself, the security of this method inherits the security of your external system.
Auditing changes
The Event Log surfaces administrative changes made within Screens, helping you review who paired devices, edited playlists, or changed content.