Our advice to customers and industry colleagues a few weeks ago was simple: focus on 1) connectivity (cloud or remote workflows), 2) security, 3) controlling the creative work station, and 4) sharing your work with your colleagues or customers.
However, you would not be alone if you made some short term decisions to get up and running in the heat of the moment, and those decisions are likely now starting to impact the overall effectiveness of your workflow.
Knowing this situation is very likely going to last longer than you originally expected, you are probably already thinking about upgrading your home internet, adding better / bigger monitors for your creative workstation, and are in a rhythm on sharing with your colleagues and customers — but how much have you reviewed the security posture of your environment?
Prior to our current COVID-19 environment, it would have taken an act of Congress to get approval to bring your pre-release content home. You would never have asked to bring the actual content (the workstation itself, hard drives, etc) to your house unless you were one of the most talented or senior creatives in our field. As you are reading this, you are recalling words like “air gapped security” and “defense in depth” from your security training classes at your office.
So how do we conduct a simple assessment of your working environment and make practical changes now to protect your personal and your company’s liability for the pre-release content you are now touching and shaping in the creative process?
- Review the WFH security recommendations from the studio sponsoring/financing your project–most have published them in the last few weeks. If you cannot find one, there are decent recommendations from the California CyberSecurity Integration Center.
- Start with your home firewall. Ask your office team if the firewall built into your home router is enough or if you need something additional to protect your modified home office setup from hackers.
- Secure your physical space. The most likely source of a leak in the next few months of WFH is not the malicious hacker, but your family members who innocently snap a pic of your workstation and post a sneak-peak of that pre-release content on Instagram or Snapchat — and yes, you/your company are liable. A lock on the door and monitors not facing windows is a pretty simple way to reduce the opportunity for unintended consequences.
- Air gap your creative work station. Regardless of your craft (eg editing, visual effects, etc), your creative workstation cannot be connected directly to the internet. If you are working “alone” and submitting your deliverables via a file transfer service, this might be as simple as having a separate computer for browsing the internet, email, etc. If your company helped you set up your home office, they likely briefed you on the best practical methods to ensure you are not connecting that premium content to the internet and how to shuttle the media from one computer to another for sending out deliverables. However, if you are doing live review sessions from your creative work station, the problem is harder. If you have a dedicated streaming device (Sohonet’s ClearView, Streambox, Teradek), then are you most likely already air gapped, connecting to that device with only an HDMI or SDI cable and having that device connected to the internet, streaming encrypted real-time video to your colleagues and customers. If you are using a desktop sharing application (Evercast, Zoom, Bluejeans, Skype, Microsoft Teams, etc), then you have a tougher problem to solve. Best practice here requires a separate workstation (Mac or PC) and for you to push video from your unconnected / air gapped workstation to the second workstation via video cable (HDMI or SDI) typically with a breakout box (AJA makes them) so that the 2nd device becomes your “streaming device”. Whatever the tool is that is sharing your precious pre-release content, it should only have access to that content from a video input source and only during the actual live streaming session. While the world has had to make practical trade-offs to allow thousands of us to work effectively from home, no one will sign off on their content being directly connected to the internet nor will they waive liabilities to the same effect.
- Virus / malicious code scans. The most likely way a hacker is going to get access to your precious content is by deploying malicious code to your connected workstation where you are using email. DO NOT CLICK LINKS. Period. Run your company’s virus scanning software daily. Be smart about which websites you visit. If you follow step 3 above and screw up this step, it will still be VERY hard to gain access to your content — but not impossible. IF you are the IT administrator, consider simple tools like KnowBe4 to educate your creative professionals on phishing scams. Phishing (especially COVID-19 phishing) remains the single most common way for hackers to gain access to your systems.
It’s a lot to take in when you feel like you are finally getting comfortable with your (temporary) “new normal”, but it may be the most important thing you do to protect your customer’s IP (and your company’s liability) and to ensure that when we all return to “normalcy”, the option to work remotely becomes an ordinary and easy to deploy workflow choice for a long time into the future.
See Sohonet’s guide to Navigating Remote Working for M&E 
