Hollywood IT Summit Experts Tackle Cloud Security

By Bryan Ellenburg

While attending the recent NAB Show in Las Vegas, Sean Flynn, chief technology officer for Marvel Studios, repeatedly heard (“Too many times to count”) that content creators should simply trust their cloud service providers.

That’s advice every content company would be wise to ignore, he said April 22, speaking at the Hollywood IT Summit.

“You don’t trust anyone,” Flynn said. “If we want to do business together, and I say ‘Trust me,’ you better run.”

The benefits of cloud offerings for media and entertainment companies may seem obvious. Anytime, anywhere access to content, remote collaboration, mobile access to assets … it’s almost a given nowadays in the creative community.

“It’s almost not a request for the cloud, it’s become a necessity,” according to Bryan Ellenburg, security consultant for production and post-production for the Content Delivery & Security Association (CDSA). “Our business has really transformed in the last few years. More people are using their own devices [for work].”

But that “bring your own device” mentality also brings risks. Risks that are hard to swallow when you’re using cloud services to move around elements of a summer blockbuster with a budget in the hundreds of millions.

“I’ve got a $200 million movie on the Internet,” Flynn said. “That’s a risk.”

Sharing content in the cloud can compromise everything (from images to scripts, from video to personnel data), but only if both the service provider and content creator are careless, according to Ryan Kalember, chief product officer for WatchDox.

“When you send a file with an email, they have that file, and they have it forever,” he said. Today’s cloud-based file-sharing services can set content as view-only, disable downloading, add watermarking, and render content unreadable after a pre-determined period of time, he noted.

“That’s light years better than sending an email with an attachement … where you’ve forfeited control,” Kalember said. “Treat devices as hostile. Treat networks as hostile. Control your data.”