That is the sound of your content leaking into the hands of pirates – costing the industry billions. Wolverine, Iron Man and Indiana Jones and the Kingdom of the Crystal Skull are just some of the movies reported to have been leaked. The same holds true for TV content – though some argue that when a pilot or season premiere leaks – it falls into the ‘promotion’ category.
A study by AT&T researchers concluded that for 77% of movies being traded on the internet, leaks originated by insiders. Screeners are a prime source but throughout the production and distribution cycle there are opportunities for security holes and unscrupulous profiteers.
It may start with an insider just ‘sharing’ with a friend. However, the Internet can turn a small leak into a tidal wave – and something ‘for your eyes only’ can quickly be seen by millions around the world.
The supply chain to create entertainment content is long and complex – involving hundreds of people. Collaboration requires fast and easy exchange of files – in direct conflict with securing content from piracy. So how can you address that paradox - eliminate the barriers to share the files with the right people, while protecting it from the wrong people?
Let’s start with the vulnerabilities:
Physical Media is, of course, portable. Dub a tape, hand it to a courier and in hours it is where it needs to be for the next step in the production process. If the tape is lost or if the courier makes an additional dub, content is at risk. Physical media lacks ‘chain of control’ safeguards. Military and government organizations have complex processes to ensure that there is complete accountability around the ‘chain of control’ of a document or other physical item (e.g. evidence).
FTP or SecureFTP is a step in the right direction. Exchange of files between two known entities provides a greater degree of control. However, FTP is not ‘managed’ and the very tool being used to collaborate can also be used to send content to unauthorized parties. With FTP, transmission records are not well kept and there is no central management function. Anyone with access to the content can start an FTP client, select the destination and send a file. It is difficult to determine if the transmission was legitimate or piracy.
Best Practices to securing your content
1) Eliminate Shipment of Physical Media – Whenever possible – eliminate the tapes, disks and USB sticks.
2) DRM and Watermarking has helped. Making people aware that the leak can be traced back to them - and that they are liable - results in people being more careful. Producing watermarked or DRM content by automating those processes can implement these controls without too much overhead.
3) Implement a Content Distribution Management Solution to enable your entire supply chain with managed file exchange. All file transfers are tracked and controlled. There is central visibility into all transfers.
4) Insist on Enterprise Class Security for File Exchange. Insist on the same safeguards that banks use to protect money transfers.
a. Encryption during the transfer of files
b. Certificates to ensure that each computer in the network is authenticated to protect against interception of messages
c. Digital Signatures to ensure data integrity and to prove delivery of the files
d. AAA Integration to provide access and to track usage of individual’s actions.
e. Logging ensures that all files transfers are tracking.
5) Harden Physical Security – Protect the physical plant – video cameras, locked server room, encrypted data on disks and implement chain of custody processes.
Case Study
A post-production services company that understands that a single leak can ruin the company implemented a number of best practices to ensure that there is no content leakage:
- Reduced the use of physical media as much as possible and are encouraging clients to do the same.
- Installed video surveillance cameras at all locations within their facilities that have access to content.
- Eliminated the use of FTP.
- Hardened all computers inside the firewall including shutting off USB ports.
- Implemented a Signiant Content Distribution Management (CDM) solution that enables automated movement of content between all their partners. No content moves unless it is controlled by the CDM and logs all content into and out of the facility.
- Install a CDM gateway node in the DMZ– no content enters or exits without going through the CDM node and being logged.
- Uses automated workflows to watermark and DRM content when applicable.
There are rumours of companies and careers ruined by being the responsible parties. Old practices and culture need to adapt to an environment where the smallest leak can result in a tidal wave of lost content and profit. Best practices can be put into place to secure that content throughout the supply chain.
Tony Lapolito is Vice President of Marketing and Product Management at Signiant, the leading provider of Content Distribution Management solutions for the Media and Entertainment industry. Some of Signiant’s customers include NBC Universal, BBC News, Fox, Discovery Communications and FIVE.
