By Nicholas Pearce

Recent world events have led to unprecedented cloud uptake, with cloud-based workflows offering teams the flexibility to work from home during the pandemic. (And we believe that some of these remote workflows will stay in place after COVID has gone.) The cloud and remote workflow technologies have enabled media pros to access storage remotely and stay safe, but how safe is the content itself?

After the outbreak of the pandemic, many organizations saw process changes and restricted access to on-prem storage as the only crisis worth worrying about. But in the rush to adopt cloud solutions, business continuity is under other threats. What do organizations need to be aware of to avoid valuable content being left in a precarious position?

Identifying Cloud-Based Threats
Proper digital content governance allows media companies to safeguard their assets from ingest through to access. Let’s look at the vulnerable areas to consider when protecting content so that assets can be curated, edited, shared and distributed safely. 

Remote Access
Access from multiple locations means that organizations are often risking security through an employee’s unsuitable home infrastructure. It’s understandable that during initial lockdowns companies needed to act quickly and set up teams working from home. However, it is now vital to audit all remote access, as many staff are interacting with content without the appropriate firewalls or secure connections in place. According to a study from Iomart, large-scale data breaches went up 273% in 2020.

Cloud platforms need to perform a dual function: streamlining workflows for staff so they can easily access content while ensuring that those outside the organization can’t do the same. It’s important that cloud storage solutions feature encryption-at-rest to deny access to any unauthorized users as well as third-party watermarking to trace content use.

Personal equipment can also exacerbate the security problem. With freelance post staff using their own at-home set-up rather than working onsite for the day, asset protection needs to be robust enough to cope with these variables. Security tools such as anti-screen-grabbing technology and real-time activity audits can help protect content while it goes through remote post processes.

Human Error
While many organizations have legitimate concerns around hacking, less attention is paid to the risks posed by post teams themselves. Mistakes happen, and without the right access controls and fail-safes in place to protect against accidental deletion or file corruption, content cannot be kept secure.

Media organizations and broadcasters have lots of different staff working at different levels within the content chain. It’s an important part of the creative process that those staff can collaborate seamlessly. The ability to self-serve content ensures that teams can realize the creative potential of their archive and organizations can effectively monetize their assets.

Unlike accessing content through a physical gatekeeper via manually serviced requests, teams can operate at maximum efficiency by using fully automated and tightly integrated workflows. However, the consequence of giving access to more staff is that organizations need to make sure they have implemented the right business continuity measures to protect their assets.

Cloud storage should offer systems of prevention and recovery to deal with potential errors. It is also vital that storage has options for variable access rights to be allocated to different staff. Assets must be password-protected for different editing and viewing privileges so that all departments have a level of control that matches their job function.

Cloud Reliance 
The benefit of content in the cloud is obviously remote access for post teams. However, without the right security protocols in place, content in the cloud can also be vulnerable to attacks and ransomware. The generic term “cloud” doesn’t explain the differences between services. Let’s look at the various options available:

• Public Cloud – Offers storage for both business users and consumers. While public cloud is easily accessible that fact can also be its downside, as there is a higher risk that it can be accessed by unauthorized third parties.
• Private Cloud – Provides the same accessibility but with enhanced security and more autonomy for media organizations. Private cloud is hosted on-premises from a private datacenter or from multi-tenanted service.
• Hybrid Cloud – Connects two cloud solutions and allocates them to tiers of storage. This enables organizations to categorize content into different use cases, such as content that post teams must access regularly versus deep archive storage.
• Multi-Cloud – Offers multiple benefits by allowing organizations the agility of the cloud and the security of a backup facility. This means that content can also be housed in a physical location, where it can be encrypted, and access to it is limited.

There is no one-size-fits-all approach, and often tailoring storage helps to meet a company’s specific needs. A combination of services offers higher levels of security, more connected services and more robust data protection. Most importantly, organizations retain control over their content and their metadata isn’t locked into agreements with cloud vendors.

Responsible multi-cloud offerings can effectively manage metadata and ensure content is protected throughout the media lifecycle. Reliable Digital Content Governance will allow companies to audit, monitor and restrict content where necessary. No one could deny the benefits of accessing content from anywhere, especially during social distancing restrictions, but it must remain secure.

During the urgent move toward cloud-based workflows, the security of media may well have been overlooked. Therefore, it’s important to assess the risks and plan for both business continuity and secure remote access. With these measures in place, media companies can safeguard valuable assets while adapting to a new flexible future of post workflows.

Nicholas Pearce is co-founder of Object Matrix, a provider of on-prem, hybrid and cloud object storage solutions that securely manage content throughout workflows.