MAD Perspectives Blog

 Security and Protection Priorities Shifting

Peggy Dau - Tuesday, September 30, 2014

Protecting assets, data and information, from unwanted intrusion, is front page news these days. It seems that retailers, banks and other enterprises holding customer financial data are under persistent attack. Whereas the primary concern used to be about the security of data centers retaining corporate information about products, pricing, R&D and customers, today hackers are finding different entry points to access sensitive data.  Corporate concerns about data breaches are warranted, as there is a direct impact on revenue. The hack of consumer payment data at Target was followed by a revenue decline of 5.3%

The media & entertainment industry is no different. In fact, while subscriber data is critical to the success of these companies, media organizations face issues beyond subscriber data management and protection. They must secure and protect the content assets themselves while they are being created, when they are prepared for delivery and when they are being transported to business partners and/or consumers. Content piracy was the term used by vendors providing solutions in this space.  Content piracy results in revenue leakage for both content providers.

Just as retailers, banks and manufacturers protect data using sophisticated encryption solutions, media companies protect media assets with conditional access system (CAS) and digital rights management (DRM) solutions. The challenge for  Pay TV services, such as Comcast or BSkyB, is in only allowing subscribers who have paid for content to actually access that content. When the service owns the distribution network, CAS solutions have been deployed utilizing encryption keys tied to the subscriber's set-top box. For OTT delivery across IP networks, fixed or wireless, DRM solutions have been deployed. Regardless of distribution model, protecting content at all stages of the media lifecycle has been critical. 

The shift to IP content delivery combined with the increase in content consumption via tablets and smartphones introduces new challenges to an industry that has been dependent on solutions designed for managed networks and managed devices.  CAS vendors (e.g., Cisco, Nagra, Irdeto) have invested in enhancing encryption solutions focused on protecting content on behalf of Pay TV Operators, using the set-top box as the managed device. DRM solutions are used to protect content, on behalf of the content owner. DRM provides copy protection for content being accessed via un-managed devices, such as smartphones and tables. 

The two perspectives are starting to converge as Pay TV Operators are forced to deliver content to screens beyond the TV. While content providers have focused on content protection and delivering the content consumers want, they have paid limited attention to protecting subscriber data. They use the data to identify new revenue opportunities, but have not yet had to apply the same level of protection to subscriber data. Security as about managing access to content. Protection is about securing content during network transport. Both are about protecting revenue streams.

What's your perspective?