Many believe that the adoption of new technologies has left the industry vulnerable to cyber security incidents. This notion holds weight: prior to the digital era, businesses operated on internal legacy systems which were extremely difficult to breach without the proper equipment.
So, do we need to forgo technology altogether in order to ensure the safety of intellectual property?
Quite the opposite.
Digital technologies have fundamentally altered the way the M&E sector does business –– for the better. The ability to access, process, and deliver massive amounts of data at lightning speed has not only helped to amplify consumer experiences, but also reach more audiences than ever before. And on the business side, technology has helped organizations streamline time-consuming manual processes such as rights management and financials.
The Equifax breach proved that hackers can outsmart even the best-laid security measures. This is not to say that every business is doomed to fall prey to an attack of that scale. Rather, it signals the need for businesses to be hyper-aware of the tools, systems, and protocols they have in place. This is especially key as M&E companies continue to adopt digital techniques to manage complex creative and distribution processes.
The Shift to Cloud Computing
The proliferation of portable devices and emerging distribution channels such as OTT, SVOD, and social media demand more flexible models to better engage an increasingly fragmented audience. As a result of these changes, cloud computing has become an integral part of managing and conducting everyday business.
Cloud-based technologies enable media companies to keep pace with the ever-evolving landscape by providing:
As M&E companies flock to cloud-based solutions to manage and store their digital content, they must be smart about their approach –– especially when it comes to selecting a third-party vendor. Vendors can easily claim that their “system” is secure and has passed various penetration tests. Unfortunately, that’s not enough. It’s about the organization’s care of that data, the husbandry of their clients’ data.
Utilizing a secured server such as Amazon Web Services doesn’t mean your data is automatically secured. In fact, there’s a huge distinction between the security of the cloud and the data you put into the cloud. This is what SOC 1 and SOC 2 govern: the processes of accessing client data through the software development life cycle. Vendors can take all necessary measures to secure their system or even place it on internal hosts; however, the casual handling of sensitive client data outside of the system itself obviates any security measures taken.
Here is a real world scenario:
A recognized vendor in the rights management arena uploaded confidential client information to the Amazon Simple Storage Service (Amazon S3), disabling standard security settings for easier access. As a result, confidential information from respected industry names such as EMI, Sony Pictures, Comcast, and NBCUniversal were left vulnerable. To make matters worse, an independent research firm was then able to uncover a trove of confidential information for one of the world’s largest toy manufacturers –– screenshots of royalty tracking, client financial information, an unencrypted spreadsheet of remote access logins for their server, and more than enough credentials for anyone to gain access to their system
When it comes to vetting the viability of vendors, due diligence is required. While negotiating a competitive price is important, it’s more beneficial to work with vendors who have the financial stability, expertise, and manpower to ensure that your data is in good hands.
Small companies may not have the resources for a SOC audit, which takes many months and significant investment to obtain. Not to mention, they may not have a full-time staff to actively manage the security environment or continuously deliver product improvements.
The fact of the matter is that disruptive technologies will continue to transform the industry. In order to protect intellectual property against piracy and hackers, we have to face the associated risks head on. And it all starts by ensuring that the data we store in the cloud is not only secured, but secure.
In the 2020 Winter edition of the MESA Journal, FilmTrack's current COO Michael McGuire explains how the pandemic has impacted the entertainment industry and how that impact may have fundamentally changed the industry moving forward. Most notably the halt of production and the shutdown of theaters has put tremendous value on existing libraries. Utilizing software such as FilmTrack to fully understand what is currently available for sale or distribution, as well as what will be coming available and when, has become imperative to not only conduct business as usual but thrive in the current economy.