Securing Distributed Content Creation Workflows
Date & Time
Wednesday, October 23, 2019, 10:00 AM - 10:30 AM
San Francisco Room
As content creation teams have become increasingly connected in distributed workflows that span global IP networks, security has become a major business risk. In the past, content creation teams were collocated in “air gapped” facilities, working with physical media and specialized equipment disconnected from the wider world. The rapid convergence of media and information technology has provided tremendous benefits, but it has also exposed content creators to a broad range of security vulnerabilities. During the iterative post production process, the security stakes increase exponentially as a program progresses from raw material to final master. Making matters worse, the increasingly competitive global media marketplace requires content creators to generate more deliverables in service to “day and date” global releases. To generate all the internationalized versions of a program, a connected, global workforce is required.
In order to reap the creativity and productivity benefits of distributed, connected workflows, without taking on significant security risks, a holistic security approach is required. This paper frames the problem space by defining the broad range of security vulnerabilities facing content creation teams – from technical vulnerabilities to human vulnerabilities. The paper then proposes a comprehensive approach to securing distributed content creation teams. This approach comprises a combination of IT and media technologies that, when implemented in a pervasive, comprehensive fashion, enables highly secure distributed content creation workflows.
Areas of focus include:
• Data Security. Encryption at rest, in motion, and “at work” from camera to consumer. Secure key management.
• Content Security. Dynamic watermarking, both visible and invisible.
• User Security. Multi-factor authentication.
• Operational Security. Role- and user-based permissions management. Comprehensive logging of all user actions to enable early warnings, detection, and forensic analysis.
• Network Security. Connectivity via secure protocols (e.g. HTTPS, TLS).
• Malware Security. Rapid deployment of OS and security patches.
• Software Development Security. Secure software development practices (Secure SDLC).
• Brand Security. Signing of content with secure registration and authentication to prevent “deep fakes”.
Technical Depth of Presentation
This paper presents a framework for the security problem and a combination of technologies and techniques that address the problem. As such, I would say the presentation is fundamental.
What Attendees will Benefit Most from this Presentation
C-Suite Executives Operations Managers Technologists
Take-Aways from this Presentation
The main take-away is that securing distributed content creation workflows requires a holistic approach that comprises a combination of IT and media security technologies, implemented in accordance with emerging best practices.