The importance of security is constantly increasing with our growing global consumption of content. Fighting piracy and ensuring secure and flexible delivery options for subscribers are key motivators for the media industry to apply state-of-the-art cyber and hardware security. This is particularly relevant when it comes to streaming and on-demand media.
Utimaco HSMs as a versatile solution to secure media content while ensuring its availability
The media landscape has changed rapidly over the past decade.
Media content is being created and consumed at a pace the entertainment industry has never seen before. From TV and film to online streaming services like Netflix and Amazon, media brands are using modern technologies to create and distribute their projects.
A number of cyber attacks have occurred in recent years, such as the Sony Pictures hack in 2014 (the timeline, Business Insider) or the theft of movies and popular TV series prior to their official release. This opened the eyes of industry players to the threat that cyber criminals pose for their businesses. Keeping high value assets safe – whether in the cloud or on business premises – is top of the agenda for many media and entertainment executives. This primarily relates to pre-release content. But it can also be to do with a company’s ability to broadcast, their IT & network infrastructure and user account & payment data. Security must play a key role in helping to create the next program or movie and to safeguard this production environment.
Utimaco provides tamper-proof Hardware Security Modules with FIPS 140-2 Level 3 and 4 certifications. These build the root-of-trust basis for numerous applications used in the media and entertainment industry.
Identify the risks your business may face
A thorough risk assessment is necessary as motives for cyber attacks in the media and entertainment industry can be very diverse:
- Pirates and competitors alike are obviously highly interested in pre-release content, e.g. for financial gain. This mainly concerns international blockbusters or popular TV shows, which are relatively easy to identify.
- Hacktivists on the other hand might want to burst the hype bubble around such valuable and highly confidential pre-release content. Or they may simply want to be destructive and cause harm. Such destructive attacks are the most difficult to anticipate and to prevent.
Where Utimaco hardware security products come into play
The following applications using Hardware Security Modules (HSMs) as Root of Trust help secure the media player’s key assets.
- In digital broadcasting, streaming applications require continuous encryption and decryption in real time to ensure content cannot be compromised in transit. A conditional access system (CSA) protects this content by ensuring that certain criteria are fulfilled before allowing access to a film or series. Each segment of the data stream must be encrypted, using a continuously changing “control word”, which itself is encrypted. Keys must be generated and sent ahead of the content. This “unlocks” the next content section (with a permission to decrypt the control word). To provide a seamless experience, latency must be addressed and HSMs are the appropriate high-performance tool to do so. In fact, they quickly generate high-quality keys, store them and use them to secure the related data transfers.
- True random number generation (RNG) is essential for providing strong encryption keys.
- A company should set up user identification and authentication to access files and folders. As a result, users only get access to the (part of the) network – production & broadcasting and/or office – they need. The user ID can be part of a public key infrastructure (PKI). A PKI provides digital identities to each user in the network. The related cryptographic keys are stored inside an HSM for maximum security. 2-factor-authentication and strong passwords (one-time passwords, OTP) complement the secure access.
- Database encryption ensures that user, account and transaction data that is stored and at rest can never be accessed in the clear (unencrypted) by any unauthorized person. This is equally important for files & folders moving through the production supply chain. The related encryption keys are securely generated and stored in an HSM. They are kept separate from the actual encrypted data and cannot be accessed by either unauthorized parties or by the administrator themselves.
Utimaco provides tamper-proof Hardware Security Modules with FIPS 140-2 Level 3 and 4 certifications. These build the root-of-trust basis for the above-mentioned applications used in the media and entertainment industry.
Do you have questions regarding these applications? Or need assistance with selecting the most appropriate IT security solution for your business? Let us know at firstname.lastname@example.org.