Blog

Content security: Trusting the Cloud with your broadcast workflows

December 6, 2021

By the Editorial team, Amagi

Even until fairly recently, broadcast industry professionals regarded safety in the cloud with an almost superstitious anxiety, convinced that the safest place for their content was under their own roof.

Thankfully, the tide is turning on this fallacy. While there’s no reason you can’t keep your own content secure on your own premises, with the most powerful media companies in the world trusting their assets entirely to cloud, a new paradigm is emerging.

The anxiety of letting go of your content: Security concerns & fears

Content is the crown jewel of any media company and so the same sorts of security conscious conversations played out in content businesses when cloud storage - and later, fully cloud-based workflows - were introduced.

Coming into the cloud fresh, there was anxiety about identifying all the potential threats.

  • Control access: The first concern was being able to control access to the content. To use the bank analogy - how can I be certain that someone with a six-shooter and a black hat can't just walk into the bank, use my identity, and ride away with my money?

    And how can I access from within my organization. How can I make sure that my operators have access to all the assets they need, but still keep them protected from a well-meaning insider.

  • Encryption & security: Beyond ensuring well-defined user authentication, will the content be encrypted and secured to a point that if it does get into the wrong hands - is stolen by hackers, say - that the material can't be used or accessed in any meaningful way without the proper permissions.

As playout from the cloud became a viable option, a new set of anxieties reared their heads.

  • Reaching the right audience: When content finally leaves the cloud storage and heads off through an IP pipe out into the public internet, how do you know it's going to the right people - the right subscribers, the right territories, the right content partners?

  • Monetization: How can you be certain that it's getting monetized via the proper paying customers and the right advertising?

Let cloud do the lifting

In recent years, the security fears have given way to an understanding of the benefits of public cloud.

The sophistication that the public cloud vendors have built in terms of security infrastructure today, are far, far higher than what a company, or even the data center of a particular company, can match. So, stealing content directly out of the cloud is an inherently difficult proposition.

A recent article published by SMPTE observes that public cloud providers are now actively adapting tools for the needs of the media industry.

When public cloud is prepared to court major institutions like film studios you can trust that you're dealing with a very secure environment.


  • Cloud providers are continuously upgrading security protocols and threat detection. They are continually addressing security issues that would be expensive, and exhausting, for an individual organization to deal with alone.

  • You also have the option of picking the right design considerations to build a highly resilient cloud infrastructure. Go for multi-cloud environments or instead pick a single cloud provider but multi-region environments.

    With cloud, you can thus enjoy the benefits of a seamless redundancy infrastructure. Content can be striped across multiple data centers in multiple regions and zones, which makes it theoretically unlosable - as well as making it more difficult to steal.

  • Machine learning is becoming a core component of cybersecurity across industries. Sets of rigid rules which used to be the core of threat management, have given way to a flexible approach which - like some kind of cyber-tai chi - can flow and adapt to security threats that may take many different shapes.

    Because of its access to scale, a public cloud provider is able to access large amounts of security data, which can then be used to train machine learning-powered security protocols.

Threats come in different forms, and patterns have to be recognized and learned. A larger infrastructure like the cloud can learn threat management and detection much faster, because it has access to the whole breadth of signatures and patterns threatening the system.

Cybercriminals at the gate

Cyberthreats are very real, which is one reason it’s good to have a powerful ally in fighting them. Cyberattacks are like a spray across the whole world of IP addresses, and with a vast system supporting it on the backend. But a large part of the solution is about the discipline, not the technology.

It is the human element that is the weakest link in this whole value chain. It comes back to processes. What processes can you put in place?

Best practices and proper protocols: The Amagi advantage

At Amagi we work with 2000+ linear channel deliveries and 800+ playout chains, so we take adequate precautions. Amagi develops every one of its cloud products and services with security in mind right from the initial design stage.

Our playout is run on hardened systems and we are inside VPC (virtual private cloud) rings, so we are not open to the web. All the data and content are encrypted at rest and encrypted during transition.

We have established a 24/7 security operations center (SOC) that monitors anomalies and can make predictions of the outcomes of any hacks. Like any security team, our SOC runs simulations of threatening scenarios to practice and refine the best methods for defense and, if necessary, disaster recovery.

To move to the cloud using our unified broadcast workflows and stop worrying about content security, reach us at cloudandme@amagi.com

Read our Whitepaper for in-depth understanding of how we ensure content security with Amagi CLOUDPORT

Comments