Not in Kansas Anymore – The Cloud Security Lowdown for Media Companies Dorothy was right: we are not in Kansas anymore. Or, if we are in Kansas, we’re likely accessing information stored on a…

Not in Kansas Anymore – The Cloud Security Lowdown for Media Companies

Michael Gleason

I spend my days (and nights) explaining how the strengths of the cloud - high availability, scalability, and interoperability - can help us overcome what is often considered its greatest weakness: security.

Share

Cloud Security

©iStockphoto.com/huronphoto

Dorothy was right: we are not in Kansas anymore. Or, if we are in Kansas, we’re likely accessing information stored on a server in Indiana and co-editing a document in real time with a colleague in London.

As media and entertainment companies tend to be populated with forward-thinking individuals, it comes as no surprise that public cloud apps like Google Drive for Work, Salesforce, Dropbox, among others, aren’t becoming the standard in the industry – they already are the standard.

And that’s great news for productivity, collaboration, and all that jazz. But (and, according to Forrester, it’s a $72 billion dollar and growing but), this shift changes the way we think about – and go about – securing data.

How do public cloud apps change data security?

Historically, all the users, applications, and data resided on-premises, allowing legacy security solutions to enforce DLP and compliance policies. Fast forward to today, when many organizations’ IT backbone is in the cloud, introducing new data security challenges:

  • Every SaaS app has its own set of admins, as well as security capabilities and controls, making id difficult to centrally manage security and compliance.
  • Public cloud applications allow users to access, create, and distribute information – including sensitive information – readily.
  • Data may now be generated on-premises, as well as natively in the cloud by humans, 3rd party apps, and machines, including a high volume of cloud-to-cloud data that never traverses your on-premises network.
  • Users are self-enabling unvetted third-party applications with corporate credentials (“Shadow IT“), granting access to core corporate systems.

What do Media and Entertainment Companies Need to Think About?

Remember that horrific nightmare you had, where your company’s sensitive information was leaked? Right – you didn’t have that nightmare. And good thing, too, because that dream sounds awful.

Point being, there’s no shortage of content that media and entertainment companies need to keep under wraps. Media and entertainment companies are all about digital assets, and if those are compromised, it’s bad news bears. So, what do media and entertainment companies tend to care most about?

  • Securing intellectual property
  • Protecting customer credit card numbers
  • Keeping employee social security numbers confidential
  • Securing digital assets against theft or piracy

As we’ve seen in recent high-profile breaches, intellectual property and sensitive information are no longer the only valuable payloads cyber criminals are after. Alternative rewards, including inflicting damage upon an organization’s brand are emerging as new sources of motivation.

The fact is media and entertainment companies are collaborative by nature, with a complex network of collaborators including customers, consultants, contractors, editors, partners, legal counsel, and more. Periodicals work with contributing journalists, large advertising agencies work with a near-endless list of collaborators, and on it goes.

As such, eliminating collaboration is not an option – but that doesn’t mean protecting your data isn’t a priority. The key is to gain visibility into user behavior to detect risky scenarios where sensitive content is shared inappropriately.

Putting it Into Action

  • Learn the characteristics and priorities of today’s forward-thinking security leaders
  • Obtain actionable guidelines to initialize and execute an effective cloud security program
  • Be empowered to bring it all to life with a formula to measure the impact of security efforts in every organization

CL_blog_CTA_CISO-Guide-eBook

Share
Browser Not Supported

Your browser version is outdated.

We would recommend you upgrade to a recent version to ensure that you have a good experience on the CloudLock site. Outdated browsers also increase your security risk. So please update your browser and come back later!

Click on the icon below to download the latest version of your browser

Close