A Secure Remote Workflow Checklist for Video Pros

by Jim Donnelly | June 21, 2022

For filmmakers and other video production professionals, intellectual property (IP) is everything.

That’s why most professional studios are cocooned by multiple security layers. These layers often include physical security elements such as guards, fobbed doors, and CCTV cameras; air-gapped RAID arrays and workstations; strict access control to applications and data; and even audited computer sessions that record every click and keystroke in real-time.

So how can you maintain a similarly airtight security posture while working with multiple remote stakeholders around the world, each accessing video content via the internet and often using residential WiFi networks?

The task may seem daunting. But it is possible. Here’s a secure remote workflow checklist video pros can use to keep prying eyes away from unreleased content.

Secure File Transfer of Large Media Assets

Encrypted media delivery, verified by the Trusted Partner Network

Secure Remote Workflow Checklist

You don’t need to be a cybersecurity expert to improve security for a video production workflow. You just need to follow some best practices that – if executed correctly – should leave real cybersecurity experts nodding their heads in approval. Let’s go through them one by one.

1. Identity access management

It’s an old cybersecurity line that’s as true now as ever: Humans are the weakest link in network security.

That’s why you need access management controls such as multi-factor authentication (MFA, also known as two-factor authentication, or 2FA) across all your business applications.

But MFA is the bare minimum when it comes to locking down access. Strongly consider instituting other zero trust elements such as the principle of least privilege: If a user or an app doesn’t require access to specific data or other apps to do their jobs, shut that access down.

Develop a list of written roles-based access policies for users and groups, keep it up to date, and pair it with automated identity and access management (IAM) software to enforce rules and track user activity.

You don’t need a bad internal actor to cause a big security problem – all it takes is one mistake to jeopardize your secure remote workflow.

2. Encryption

There are other lines of defense you can implement. Encryption in a is one of the most effective because if bad actors somehow get into your system, encrypted files ensure attackers will see garbled nonsense rather than actual data.

Files should be encrypted both while at-rest in local or cloud storage and in-flight, should they need to be shared with partners or clients.

It’s hard to overstate the importance of encryption. Studies have shown that most data breaches are due to human error (usually your employees or partners), not fancy code-breaking by hackers in hoodies inside of some cyberpunk-inspired basement.

3. Watermarking and Chain of Custody

a watermark on top of a photo of an island

Source: Media Valet

Avid also suggests using both visible and invisible file watermarking or file fingerprinting to aid forensic investigations in case of copyright theft. Tracking and controlling all data movement through a recorded chain of custody and data movement protocols is also a good idea.

Without such protocols and chain of custody rules, it’s very easy for data to be misplaced, stolen, or simply forgotten, which weakens your secure remote workflow.

4. Secure remote connection points and hardware

You must also secure all hardware and connection points among employees and collaborators. That means:

  • Protecting on-premises or cloud workstations and systems through either virtual private networks (VPN) or other technology such as secure desktop-as-a-service (DaaS), PC over IP (PCoIP), or virtual desktop infrastructure (VDI).
  • Ensure all collaborators have secured their WiFi networks (by enabling network encryption, updating router software, using WPA3 routers, and other methods).
  • Keep all hardware and software up to date and fully patched (many services offer automated patch and update management).
  • Install anti-virus and anti-malware software on all computers and endpoint protection software for intrusion detection.
  • Educate your employees and collaborators on the dangers of human engineering in the form of fake emails, texts, websites, and links.

5. TPN certification

a watermark on top of a photo of an island

Our friends at Frame.io say it’s important only to use data services that have a Trusted Partner Network (TPN) certification from the Motion Picture Association (MPA), and we agree.

A TPN assessment reviews a vendor’s security posture against MPA (Motion Picture Association) Best Practices Common Guidelines. Completing a TPN assessment demonstrates a vendor’s commitment to maintain these guidelines, ensuring the vendor’s security credentials are

TPN vendor reports are publicly available here.

Read More: MASV Completes Trusted Partner Network (TPN) Assessment

Protect Your Data

Media professionals trust MASV to safely deliver copyrighted content around the world.

6. Use secure file sharing/transfer methods (like MASV)

If you’re getting a “chain is only as strong as its weakest link” vibe from this post, then congratulations – you understand network security. That’s why it’s pretty counterproductive to implement everything we’ve just gone through without using a secure file-sharing system.

Luckily, we built MASV using the secure by design methodology.

Secure by design is a way of building software systems that force developers to consider security impacts first and foremost, at every step – not just as an afterthought.

In MASV’s case this includes a layered security approach with strong 12-character passwords, scans for dependency vulnerabilities before any code changes, and employee safeguards such as least privilege permissions.

MASV encrypts all files in flight and at rest using strong TLS encryption and password protection.

We’re also constantly improving our security posture and plan to roll out end-to-end encryption, blockchain-based chain of custody management, and ISO 27001/SOC 2 Type 2 certification in 2022.

Did we mention we also received our TPN certification last year?

MASV is a key tool for a secure remote workflow that can be leveraged by video pros (or anyone for that matter). Sign up today and send up to 100GB of data securely and for free.

MASV File Transfer

Get 100 GB to use with the fastest, large file transfer service available today, MASV.