TECH CONTENT SECURITY
T he conversation around content protection usually focuses on assets already delivered – anti- piracy, rights protection and fighting off IP-devouring GenAI. But we tend to think less often about security inside the production workflow, assuming that established internal protocols at studios or post houses have it all covered. However, as long as you have a digital connection to the outside world, hackers, pirates or just undertrained employees can wreck your content business. The distributed nature of modern media also means that production is distributed over multiple locations – a production’s own infrastructure, multiple vendors, individual contractors – and digital connectivity means multiple ways in and out of each of these nodes. It’s almost impossible for a production to directly monitor security at every point. MovieLabs, a technology think tank made up of the major Hollywood studios, created the Common Security Architecture for Production (CSAP) with the goal of establishing easier methods of managing security across organisational boundaries. CSAP was established as part of MovieLabs’ 2030 Vision, a roadmap for the studios which anticipates that virtually all of the content pipeline will have moved to the cloud by 2030. As a result, the architecture is built with distributed workflows in mind. It recommends that productions move to the ‘zero-trust’ security architecture widely used in multiple sectors. Zero trust means that every user, device and service must be authenticated before it can take place in any activity. “Production pipelines can use many of the same security solutions as elsewhere,” says Spencer Stephens, MovieLabs’ SVP production technology and security. “What is different is the way production works. For example, more of the users are contractors and there are more temporary locations than the corporate environment. We’re not unique, but we are different in how we need to apply security. Of course, there are technologies productions need that don’t have a huge role elsewhere, but many of those are at the point where we cross between digital and the physical. Video watermarking is a case in point.”
Though the lines between production and post are blurrier than they used to be, very different sets of activities are required between each – but they often share vulnerabilities. “When production and post- production are using the same technology, the risks are often the same. The traditional view of post- production facilities as a protected ‘fortress’ don’t hold true any more. You
may think that securing the DIT cart on a set is a different problem than an editor’s workstation but you should still take every precaution to prevent the content on the DIT cart being accessed by a bad actor on the production Wi-Fi,” Stephens adds. CONTROLLING ACCESS In some instances, the security and secrecy of your content is the core of the show itself (if PricewaterhouseCoopers
30
DEFINITIONMAGAZINE.COM
Powered by FlippingBook