Production Security Comes Down To Pipeline
Lee Hollingworth
May 13, 2018

Production Security Comes Down To Pipeline

In recent years, film and TV studios have seen numerous high-profile movies and shows leaked early to the public or held for ransom by opportunistic hackers.
These security breaches have occurred at all levels, from postproduction facilities, to distribution partners, to press screeners, to the studios themselves – leaving those at all steps of the content creation and delivery chain to ask how they can better protect themselves and their clients. Devastating cyber attacks have made film production security a major priority for studios that are often challenged with managing hundreds if not thousands of moving parts on a single tent-pole release. 

VFX facilities face unique risk management challenges. As viewers demand more VFX-heavy content, studios now work with more and more vendors per project than ever before – and as technology has allowed for globalization, those vendors are often dispersed across multiple sister facilities worldwide. Sharing content internally and externally to other vendors and clients needs to be secure while still being flexible and efficient. As the industry increasingly shifts to the cloud, security only becomes more important. 

For facilities, it’s crucial to address security concerns at the pipeline level. One of the most straightforward solutions to implement is single sign-on for your production pipeline. With a centralized authentication process, all accounts are managed centrally, allowing the IT department to easily oversee all permissions and grant, limit, or revoke user access to assets or shots instantly. Permission levels may be determined individually by role so that access can be granted or restricted most effectively. This centralization provides continuity for managing all credential issues, and ensures that project-based employees or freelancers don’t inadvertently maintain access after a show ends. 

Anyone accessing assets or shots via the pipeline should also put two-factor authentication (TFA) in place. In addition to a username and password, TFA requires another piece of information that makes it harder for hackers to gain access. Another option when running VFX pipelines on a SaaS-based platform is IP whitelisting, which further limits and controls access among only trusted users, and virus scanning tools ensure that all incoming attachments and direct file uploads are clean, and quickly isolated and addressed if not. Whatever your approach to pipeline, all data should be securely encrypted at every stage.

There are several established pipeline management tools and best practices that can automatically put essential pipeline security features in place for your studio. As the VFX industry evolves, facilities continue to look for new ways to work better, faster and more cost-effectively, and clearing pipeline bottlenecks is one of the easiest and most trackable places to start. Look for tools that deliver top-notch server reliability whether on premises or cloud-based with encryption, and features to help engineers continually reassess and improve risk management. Now more than ever it is important that security protection can easily be managed, even for smaller VFX shops without dedicated IT staff. 

There is always room for improvement when it comes to security. As you consider your risk management approach, thoroughly examine your pipeline and identify what areas can benefit from additional security features – you might be pleasantly surprised to find that security upgrades can also make your pipeline more efficient overall.

Lee Hollingworth is a Senior Product Manager for Shotgun Software at Autodesk.