Skip to content
ProVideo Coalition
  • Latest
  • News
  • Production
  • Post Production
  • Reviews
  • More
    • About Us
      About Us MM Image
    • Meet the Experts
      Meet the Experts MM Image
    • Advertise
      Advertise MM Image
    • Contact Us
      Contact Us MM Image
  • Subscribe
  • Search
    • Search MM Image
      • FOLLOW US
      • TOP LINKS
      • TIPS
      • TOPICS
      • WEBINARS
Post Production

How to Avoid a Data Hack

How to Avoid a Data Hack 1
  • twitter
  • facebook
  • pinterest

Data security issues often come down to a question of paying now or paying later.

Profile Picture
Jeremiah Karpowicz
November 6, 2017
Comment

How to Avoid a Data Hack 2

As officials at Sony and HBO can tell you, it’s tougher than ever to ensure sensitive materials are being properly protected, regardless of how many resources might be available to an organization. While there was clearly a breakdown in security protocol at Sony since thousands of passwords were in a folder named “passwords”, the issues at HBO aren’t the result of a single source or issue. Both hacks provide lessons for media & entertainment professionals, and not having actual passwords in a folder named “passwords” is just the beginning.

Experts have declared that the entertainment industry is a prime target for hackers because of the money and influence that’s associated with it, and many organizations have not engaged with robust audits by third parties to help them find the gaps in their own security. What happened at Sony, HBO and even Netflix showcase why cyber security should be a top priority. They have also given production professionals of all sizes some insight around how they can avoid putting themselves and their companies through similar ordeals.

Understanding Security Vulnerabilities

The security issues HBO dealt with were the result of problems with their supply chain, insiders who knowingly or unknowingly revealed more than they were permitted to, and compromised accounts. These issues enabled the theft of a total of 1.5 terabytes of data. Hackers released Game of Thrones scripts, company documents and unbroadcast episodes of other HBO shows, including Curb Your Enthusiasm and Insecure.

To say these are incredibly value resources to and for the company is an understatement, so how exactly were these vulnerabilities able to be exploited? How were they created in the first place? Anthony Juliano, an account executive at FUJIFILM, provided us with multiple explanations around what might have happened, and why it happened.

“Just like any data breach, this one could be the result of one or many different circumstances,” Juliano told ProVideo Coalition. “It could have been the result of currently applied antivirus software that didn’t catch the breach, out of date antivirus software, ignoring basic security hygiene or repeated hack attempts by the intruder until they found a vulnerability in customer code.”

Exactly what happened at HBO isn’t the issue, but understanding the vulnerabilities that might have been exploited there absolutely is. Luckily, some of these liabilities are easy enough to diagnose and resolve. When it comes to ignoring security hygiene, users need to ensure they keep up with security maintenance. Keeping your software up-to-date is among the most important things you can do when it comes to keeping your system and data secure. Additionally, if the HBO data was encrypted, the hacker would have had access to meaningless data with no value. And of course, not falling for a “phishing” email scam is sound advice not matter what you’re doing.

There are far more involved approaches and processes associated with properly securing your data, but how much of that is necessary? Are hackers zeroing in on media & entertainment professionals in an active way? How much of a concern should freelancer professionals have in this regard?

Production Companies and Entertainment Professionals as Targets

Being able to impact how people think of or view something that’s become such a cultural phenomenon like Game of Thrones undoubtedly makes media & entertainment companies a prime target for hackers, but that notoriety is hardly the only factor at play. It’s important to remember that both Netflix and HBO had ransom demands made around their security breaches. Both of those factors have hackers across the world looking for vulnerabilities that are inherent in these systems, even if studios and production professionals are only one of their targets.

“Financial firms are high-value targets to hackers as sources of credit card information, bank account information, etc.,” Juliano continued. “However, any company that stays back-level on security maintenance is an easy candidate. Hackers look closely at new maintenance releases from companies like Microsoft, Adobe, Apple, and all major e-mail systems. They can clearly see the vulnerability and weak areas that are being fixed. That information tells the hacker where the weakness is to be exploited. They know customers are slow to apply maintenance and this gives the hacker time to attack.”

This is information that production professionals of all sizes should recognize, because it’s proof that it doesn’t necessarily matter how large you are or how valuable/sensitive the data you possess might be. If you’re using a system or process that has inherent weaknesses in it, you’re the exact sort of target that hackers are looking to find and exploit.

Additionally, many freelance professionals gain access to larger systems when they’re working on a project, and that access can turn them into an “accidental insider” which could allow someone with malicious intent to piggyback onto that access. These are the types of vulnerabilities that cyber security professionals look to prevent, but the most secure system in the world is still only as good as the people who access and utilize it.

Taking proactive steps to ensure your system or your organization is not an easy target should be a top priority for production professionals, but what exactly do those measures look like?

Pay Now, or Pay Later

Establishing specific security protocols and data processes with and for production professionals can be a difficult task. The technical logistics associated with doing so are often the last thing creative professionals want to deal with, and additional expenses related to such tasks are often not properly budgeted.

Nonetheless, there’s been a recognition across the industry of the repercussions associated with not taking this topic seriously. Security issues are not just the concern of the IT department any longer, and freelancer professionals are more open than ever to understanding what it means to stay secure. Despite that, actually installing these processes and protocols is usually not a simple or easy process.

“Unfortunately, there isn’t a silver bullet or one thing that can be done,” Juliano said. “It’s a combination of things that must happen. Studios must practice good IT and security hygiene, and that includes patching systems and applications, updating and modernizing systems/applications/infrastructure, controlling access to only those that need access, validating identities and encrypting or applying other safeguards to critical business systems. They also must implement stringent monitoring and alerting mechanisms as compensating controls for when or if an attacker breaks through their defenses.”

All of that might sound like a tall order, and for some large organizations it might be. It doesn’t have to be such a process though, since little things like updating your software and hardware exponentially increase the security of your system. Those software updates often mean little more than clicking the “Update” icon when it pops onto your screen. It’s something that many people still don’t do.

There’s a need to go far deeper, and cyber security experts can help with that process. Additionally, tried and true methodologies like the 3-2-1 rule are still effective. It states that enterprises should have three copies of backups on two different media types, one of which is kept offsite. Freelancer professionals should consider how that kind of setup could work for them, even if it’s on a smaller scale.

Data security issues often come down to a question of paying now or paying later. And paying later is always more expensive.

How to Avoid a Data Hack 3

 

Support ProVideo Coalition
Shop with How to Avoid a Data Hack 4
How to Avoid a Data Hack 5

Fuji LTO 6 Ultrium Barium Ferrite Data Cartridge

In Stock, Order Today

$32.37
Shop Now

Support ProVideo Coalition
Shop with Filmtools Logo

Filmtools

Filmmakers go-to destination for pre-production, production & post production equipment!

Shop Now
data security metadata

What Do You Think? Let Us Know.

Subscribe
Connect with
Login
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
DisagreeAgree
Notify of
guest
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
DisagreeAgree
guest
0 Comments
Inline Feedbacks
View all comments

PVC Favorites

12 years ago

Camera Reports, Done Right

Lighting Advice for Budding DPs 6
Production

Lighting Advice for Budding DPs

PulldownAT478anim.gif
Production

When 25p beats 24p…

Catherine-and-Austin.jpg
Production

I Decide: Anatomy of a No-Budget HD Spot

Latest

4 hours ago

Claude Monet, The Water Lily Obsession documentary

Claude Monet, The Water Lily Obsession documentary
RØDE Connect software is almost a free RØDECaster Pro 7
Production

RØDE Connect software is almost a free RØDECaster Pro

Let's Edit with Media Composer - Continuum 2021 8
Post Production

Let’s Edit with Media Composer – Continuum 2021

art of the cut podcast justice league
Podcasts

Art Of The Cut Podcast Eps. 95 (“Justice League” Editing Team)

You Might Also Like

Download my free set of Adobe Premiere Pro Project View Presets 9

Download my free set of Adobe Premiere Pro Project View Presets

Written by Scott Simmons
February 4, 2021
While we’ve undoubtedly seen a move toward viewing and organizing media via thumbnails in recent years one of the...
Scratch Splash Screen

Learn Assimilate Scratch Step-by-Step

Written by Kevin P. McAuliffe
December 28, 2019
I’ve used quite a few NLE’s over the years.  From D-Vision to Media 100 to Media Composer, Premiere, Final...
Adobe and Avid need to support iXML metadata for audio channels in the timeline 14

Adobe and Avid need to support iXML metadata for audio channels in the timeline

Written by Scott Simmons
February 7, 2019
This post is just a gentle public shaming for my friends over at Avid and Adobe. They are behind...
Moving Metadata Between Avid and Final Cut Pro X 23

Moving Metadata Between Avid and Final Cut Pro X

Written by Mark Spencer
June 5, 2018
https://www.youtube.com/watch?v=twoaNnu_ytM&feature=push-u-sub&attr_tag=d6MWI_2CCzWgsec9-6 This week on MacBreak Studio, special guest Mike Matzdorff shows us how to roundtrip custom metadata between Avid...
ProVideo Coalition

Contact

  • +1-747-444-1870
  • [email protected]

Useful Links

  • Advertise With Us
  • Mobile App
  • Topics
  • Meet the Experts
  • Webinars
  • Contact Us

Our Websites

  • Filmtools
  • moviola.com
  • Moviola Digital

Sign up for the ProVideo Coalition weekly e-newsletter and get the most popular articles, blogs, and reviews right to your inbox.

By entering your email, you agree to our Terms & Conditions and Privacy Policy

© 2021 ProVideo Coalition, a Moviola Company. All Rights Reserved.
Terms of Service Privacy Policy Cookie Policy Sitemap
wpDiscuz

Newsletter Sign Up

Sign up for the ProVideo Coalition weekly e-newsletter and get the most popular articles, blogs, and reviews right to your inbox.

×