MovieLabs unveils cloud production services security practices | Security | News | Rapid TV News
By continuing to use this site you consent to the use of cookies on your device as described in our privacy policy unless you have disabled them. You can change your cookie settings at any time but parts of our site will not function correctly without them. [Close]
Hollywood studios technology joint venture Motion Pictures Laboratories (MovieLabs) has published the first version of its Enhanced Content Protection for Production (ECPP), a set of best practices for production services vendors, cloud services providers, studios and productions.
movielabs 14dec2021 copy
In making its move, MovieLabs says that there is a general need for a common set of recommended cloud security practices, driven by the complex and rapidly changing world of media production and the migration of various parts of the workflow to the cloud. This it says results in multiple stakeholders with shared responsibility for securing cloud-based production workflows.

Developed with input from studio security experts and leading technology companies across the industry, the ECPP is designed to provide a unifying set of recommended practices for those designing, building, configuring, or assessing security of production workflows in the cloud.

The goal of the ECPP is to provide a guiding set of high-level recommended practices for establishing and managing cloud security. It is specifically focused on the new or significantly different practices for the cloud. Moreover, it is intended for those concerned with providing secure, cloud-based solutions and for people responsible for ensuring the security of their productions.

The document, together with its companion Executive Guide to the ECPP, looks at the current state of the threat environment and addresses the most common attack vectors along with the most active threat actors. It then provides a set of global best practices that apply to all uses of cloud services and more specific best practices for IaaS (Infrastructure as a Service, for example major cloud providers), PaaS (Platform as a Service, such as integrated infrastructure and software stacks that can be easily deployed) and SaaS (Software as a Service, such as cloud–based collaboration services). Finally, as production workflows are already spanning multiple cloud infrastructures including private and public hyperscale clouds, the ECPP discusses the challenges and considerations of securing multi-cloud production.

“ As part of our work to accelerate the evolution of media creation and the move to the cloud, we have developed the Common Security Architecture for Production (CSAP) on the premise that a different approach is required for securing production in the cloud, where the cloud is a resource shared across everyone working on a production.,” said MovieLabs CEO Richard Berger.

“Additionally, while we work with the industry to implement the CSAP in support of our shared 2030 vision, we wanted to provide a guide for securing production cloud services in the way we are using them today. We hope that the different ecosystem participants across the industry can align their unique approaches to secure and assess cloud-based workflows and can benefit from the ECPP.”

The Enhanced Content Protection for Production can be referenced on the MovieLabs website.