A Secure Remote Workflow Checklist for Video Pros

by | June 21, 2022

For filmmakers and other video production professionals, intellectual property (IP) is everything.

That’s why most professional studios are cocooned by multiple security layers. These layers often include physical security elements such as guards, fobbed doors, and CCTV cameras; air-gapped RAID arrays and workstations; strict access control to applications and data; and even audited computer sessions that record every click and keystroke in real-time.

So how can you maintain a similarly airtight security posture while working with multiple remote stakeholders around the world, each accessing video content via the internet and often using residential WiFi networks?

The task may seem daunting. But it is possible. Here’s a secure remote workflow checklist video pros can use to keep hackers from stealing files remotely.

Secure File Transfer of Large Media Assets

Encrypted media delivery, verified by the Trusted Partner Network

1. Identity access management

It’s an old cybersecurity line that’s as true now as ever: Humans are the weakest link in network security.

That’s why you need access management controls such as multi-factor authentication (MFA, also known as two-factor authentication, or 2FA) across all your business applications.

But MFA is the bare minimum when it comes to locking down access. Strongly consider instituting other zero trust elements such as the principle of least privilege: If a user or an app doesn’t require access to specific data or other apps to do their jobs, shut that access down.

Develop a list of written roles-based access policies for users and groups, keep it up to date, and pair it with automated identity and access management (IAM) software to enforce rules and track user activity.

You don’t need a bad internal actor to cause a big security problem – all it takes is one mistake to jeopardize your secure remote workflow.

2. Encryption

There are other lines of defence you can implement. Encryption in a is one of the most effective because if bad actors somehow get into your system, encrypted files ensure attackers will see garbled nonsense rather than actual data.

Files should be encrypted both while at-rest in local or cloud storage and in-flight, should they need to be shared with partners or clients.

It’s hard to overstate the importance of encryption. Studies have shown that most data breaches are due to human error (usually your employees or partners), not fancy code-breaking by hackers in hoodies inside of some cyberpunk-inspired basement.

3. Watermarking and Chain of Custody

a watermark on top of a photo of an island

Source: Media Valet

Avid also suggests using both visible and invisible file watermarking or file fingerprinting to aid forensic investigations in case of copyright theft. Tracking and controlling all data movement through a recorded chain of custody and data movement protocols is also a good idea.

Without such protocols and chain of custody rules, it’s very easy for data to be misplaced, stolen, or simply forgotten, which weakens your secure remote workflow.

4. Secure remote connection points and hardware

You must also secure all hardware and connection points among employees and collaborators. That means:

  • Protecting on-premises or cloud workstations and systems through either virtual private networks (VPN) or other technology such as secure desktop-as-a-service (DaaS), PC over IP (PCoIP), or virtual desktop infrastructure (VDI).
  • Ensure all collaborators have secured their WiFi networks (by enabling network encryption, updating router software, using WPA3 routers, and other methods).
  • Keep all hardware and software up to date and fully patched (many services offer automated patch and update management).
  • Install anti-virus and anti-malware software on all computers and endpoint protection software for intrusion detection.
  • Educate your employees and collaborators on the dangers of human engineering in the form of fake emails, texts, websites, and links.

5. TPN certification

a watermark on top of a photo of an island

Our friends at Frame.io say it’s important only to use data services that have a Trusted Partner Network (TPN) certification from the Motion Picture Association (MPA), and we agree.

A TPN assessment reviews a vendor’s security posture against MPA (Motion Picture Association) Best Practices Common Guidelines. Completing a TPN assessment demonstrates a vendor’s commitment to maintain these guidelines, ensuring the vendor’s security credentials are.

Read More: MASV Completes Trusted Partner Network (TPN) Assessment

Vendors can receive two statuses: Blue Shield and Gold Shield. Blue Shield status indicates that a TPN member Service Provider has finished self-reporting their security information. Gold Shield status indicates that a participating Service Provider has undergone a third-party security assessment.

Did we mention we also received our TPN Gold Shield certification last year?

Protect Your Data

Media professionals trust MASV to safely deliver copyrighted content around the world.

6. Use secure file sharing/transfer methods (like MASV)

If you’re getting a “chain is only as strong as its weakest link” vibe from this post, then congratulations – you understand network security. That’s why it’s pretty counterproductive to implement everything we’ve just gone through without using a secure file-sharing system.

Luckily, we built MASV using the secure by design methodology.

Secure by design is a way of building software systems that force developers to consider security impacts first and foremost, at every step – not just as an afterthought.

In MASV’s case, this includes a layered security approach with strong 12-character passwords, scans for dependency vulnerabilities before any code changes, and employee safeguards such as least privilege permissions. Multi-factor authentication (MFA) and SAML-based single sign-on (SSO) help mitigate unauthorized access and password vulnerabilities.

MASV encrypts all files in flight and at rest using strong TLS encryption and password protection.

We’re also certified by ISO 27001, SOC 2 Type 2, and the Trusted Partner Network (TPN), a media and entertainment security initiative owned by the Motion Picture Association (MPA).

MASV is a key tool for a secure remote workflow that can be leveraged by video pros (or anyone for that matter). Sign up today and send up to 20GB of data securely and for free.

MASV File Transfer

Get 20 GB to use with the fastest, large file transfer service available today, MASV.