Is Your System Safe? The Role of Human Error in Cybersecurity Mistakes

Back to Industry Insights

Many believe that the adoption of new technologies has left the industry vulnerable to cyber security incidents. This notion holds weight: prior to the digital era, businesses operated on internal legacy systems which were extremely difficult to breach without the proper equipment.

So, do we need to forgo technology altogether in order to ensure the safety of intellectual property?

Quite the opposite.

Digital technologies have fundamentally altered the way the M&E sector does business –– for the better. The ability to access, process, and deliver massive amounts of data at lightning speed has not only helped to amplify consumer experiences, but also reach more audiences than ever before. And on the business side, technology has helped organizations streamline time-consuming manual processes such as rights management and financials.

Adapting to Risk in a Digital World

The Equifax breach proved that hackers can outsmart even the best-laid security measures. This is not to say that every business is doomed to fall prey to an attack of that scale. Rather, it signals the need for businesses to be hyper-aware of the tools, systems, and protocols they have in place. This is especially key as M&E companies continue to adopt digital techniques to manage complex creative and distribution processes.

The Shift to Cloud Computing

The proliferation of portable devices and emerging distribution channels such as OTT, SVOD, and social media demand more flexible models to better engage an increasingly fragmented audience. As a result of these changes, cloud computing has become an integral part of managing and conducting everyday business.

Cloud-based technologies enable media companies to keep pace with the ever-evolving landscape by providing:

  • Remote content storage in a connected environment
  • Instant access to real-time information on acquisitions, sales, and availability details
  • Substantial reduction in both capital expenditure and fixed costs

As M&E companies flock to cloud-based solutions to manage and store their digital content, they must be smart about their approach –– especially when it comes to selecting a third-party vendor. Vendors can easily claim that their “system” is secure and has passed various penetration tests. Unfortunately, that’s not enough. It’s about the organization’s care of that data, the husbandry of their clients’ data.

Secured Doesn’t Always Mean “Secure”

Utilizing a secured server such as Amazon Web Services doesn’t mean your data is automatically secured. In fact, there’s a huge distinction between the security of the cloud and the data you put into the cloud. This is what SOC 1 and SOC 2 govern: the processes of accessing client data through the software development life cycle. Vendors can take all necessary measures to secure their system or even place it on internal hosts; however, the casual handling of sensitive client data outside of the system itself obviates any security measures taken.

Here is a real world scenario:

A recognized vendor in the rights management arena uploaded confidential client information to the Amazon Simple Storage Service (Amazon S3), disabling standard security settings for easier access. As a result, confidential information from respected industry names such as EMI, Sony Pictures, Comcast, and NBCUniversal were left vulnerable. To make matters worse, an independent research firm was then able to uncover a trove of confidential information for one of the world’s largest toy manufacturers –– screenshots of royalty tracking, client financial information, an unencrypted spreadsheet of remote access logins for their server, and more than enough credentials for anyone to gain access to their system

This particular scenario would not pass muster on a SOC-audited company. Not only is a breach of this nature career limiting, it makes a company vulnerable to lawsuits, customer attrition, and a variety of other repercussions.

7 questions to ask to ensure a potential vendor is SOC 1 and SOC 2 compliant:

  1. Do you encrypt data at rest?
  2. Do you encrypt data in transit?
  3. What's your backup policy?
  4. Do you leverage intrusion protection or intrusion detection systems (IPS/IDS)?
  5. What's your mean time to recovery?
  6. Do you leverage access logging?
  7. How often do you change your encryption keys?

Vet Before You Invest

When it comes to vetting the viability of vendors, due diligence is required. While negotiating a competitive price is important, it’s more beneficial to work with vendors who have the financial stability, expertise, and manpower to ensure that your data is in good hands.

Small companies may not have the resources for a SOC audit, which takes many months and significant investment to obtain. Not to mention, they may not have a full-time staff to actively manage the security environment or continuously deliver product improvements.

The fact of the matter is that disruptive technologies will continue to transform the industry. In order to protect intellectual property against piracy and hackers, we have to face the associated risks head on. And it all starts by ensuring that the data we store in the cloud is not only secured, but secure.

tablet displaying Business Intelligence Manager

FilmTrack's Financials Manager

Enjoy the most robust financial tools in the industry, built to handle the most complex calculations. Whether it’s circular deductions, financial waterfalls, or royalties in/out, you can relax and know that everything is being split and paid accurately.

Learn more
laptop computer displaying FilmTrack app

FilmTrack's Contracts & Availabilities Manager

Increase revenue, get to market quicker, and optimize the value of your library. Our Contracts and Availabilities Manager provides automated, real-time contract and availabilities data across your entire catalog.

Learn more
computer near coffee cup displaying Brand Licensing Manager

FilmTrack's Brand Licensing Manager

Increase revenue, save time, and measure the success of your brand licensing program. RoyaltyZone, a FilmTrack solution, makes it easy for you to automate your business and take your licensing game to the next level.

Learn more

Related Articles:

The Benefits of Brand & Product Licensing

In the world of business, partnerships are often the best recipe for success. Whether your business is looking to get off the ground, looking for new streams of revenue, or has hit a plateau and is looking to break through to that next level, teaming up with someone else who’s trying to do the same thing can be a win-win. One common way this is done is through brand and product licensing.


In the 2020 Winter edition of the MESA Journal, FilmTrack's current COO Michael McGuire explains how the pandemic has impacted the entertainment industry and how that impact may have fundamentally changed the industry moving forward. Most notably the halt of production and the shutdown of theaters has put tremendous value on existing libraries. Utilizing software such as FilmTrack to fully understand what is currently available for sale or distribution, as well as what will be coming available and when, has become imperative to not only conduct business as usual but thrive in the current economy.

By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, and analyze site usage. View our Privacy Policy for more information.