
- Review the WFH security recommendations from the studio sponsoring/financing your project–most have published them in the last few weeks. If you cannot find one, there are decent recommendations from the California CyberSecurity Integration Center.
- Start with your home firewall. Ask your office team if the firewall built into your home router is enough or if you need something additional to protect your modified home office setup from hackers.
- Secure your physical space. The most likely source of a leak in the next few months of WFH is not the malicious hacker, but your family members who innocently snap a pic of your workstation and post a sneak-peak of that pre-release content on Instagram or Snapchat — and yes, you/your company are liable. A lock on the door and monitors not facing windows is a pretty simple way to reduce the opportunity for unintended consequences.
- Air gap your creative work station. Regardless of your craft (eg editing, visual effects, etc), your creative workstation cannot be connected directly to the internet. If you are working “alone” and submitting your deliverables via a file transfer service, this might be as simple as having a separate computer for browsing the internet, email, etc. If your company helped you set up your home office, they likely briefed you on the best practical methods to ensure you are not connecting that premium content to the internet and how to shuttle the media from one computer to another for sending out deliverables. However, if you are doing live review sessions from your creative work station, the problem is harder. If you have a dedicated streaming device (Sohonet’s ClearView, Streambox, Teradek), then are you most likely already air gapped, connecting to that device with only an HDMI or SDI cable and having that device connected to the internet, streaming encrypted real-time video to your colleagues and customers. If you are using a desktop sharing application (Evercast, Zoom, Bluejeans, Skype, Microsoft Teams, etc), then you have a tougher problem to solve. Best practice here requires a separate workstation (Mac or PC) and for you to push video from your unconnected / air gapped workstation to the second workstation via video cable (HDMI or SDI) typically with a breakout box (AJA makes them) so that the 2nd device becomes your “streaming device”. Whatever the tool is that is sharing your precious pre-release content, it should only have access to that content from a video input source and only during the actual live streaming session. While the world has had to make practical trade-offs to allow thousands of us to work effectively from home, no one will sign off on their content being directly connected to the internet nor will they waive liabilities to the same effect.
- Virus / malicious code scans. The most likely way a hacker is going to get access to your precious content is by deploying malicious code to your connected workstation where you are using email. DO NOT CLICK LINKS. Period. Run your company’s virus scanning software daily. Be smart about which websites you visit. If you follow step 3 above and screw up this step, it will still be VERY hard to gain access to your content — but not impossible. IF you are the IT administrator, consider simple tools like KnowBe4 to educate your creative professionals on phishing scams. Phishing (especially COVID-19 phishing) remains the single most common way for hackers to gain access to your systems.
