Can Hollywood Adapt to Data Security in the Digital Age?

HollywoodbinarySince the catastrophic data breach at Sony pictures late last year, Hollywood has been scrambling to find a solution to their massive data security and IAM needs. In a piece for the New York Times released late last month, tech reporter Nicole Perlroth broke down the sea change in  Hollywood’s (once lax) attitude towards digital security, and the tools they are using to get the job done.

Perlroth spoke with Lulu Zezza, who manages physical production for Regency Studios and overviews the digital security of everything that goes into making a film on set. Basically, it’s Zezza’s job to make sure that sensitive files (planned movies, scripts, casting, personal emails) don’t get out, in an industry plagued by piracy.

Since the breach at Sony and the subsequent reorganization of Hollywood’s data security, a lot of people have been asking a simple question: why didn’t Hollywood see it coming? We’re talking about an industry with endemic digital rights management (DRM) problems, the very same industry that released those ridiculous “Piracy: It’s a crime” ads (you wouldn’t download a car, would you?). How is it possible that these businesses didn’t consider the fact that all of their data could be as vulnerable as their finished products?

Sadly, while reading the article, I found that  Zezza’s comments felt like a series of ‘I-told-you-so’s.’

Turns out, in Hollywood, people like Zezza, who insisted on pursuing encryption and Identity and Access Management (IAM) solutions, “were once considered paranoid, because they worried about mundane security measures like passwords,” writes Perlroth.

Wow. Frankly, that anyone could consider the most basic forms of security ‘mundane’ blows me away. This is an industry which, according to Perlroth’s article, once went to great lengths to prevent physical piracy by printing scripts “etched with watermarks or printed on colored and even mirrored paper to thwart photocopying.” Studios used to switch the names of minor characters from script to script to pinpoint leakers, but they couldn’t be bothered to take rudimentary steps towards IAM or encryption?

When Zezza adopted WatchDox, a service that allows file creators to manage who can do what (print, scan, share, etc.) to their documents she was mocked. “Nobody wanted to use it, said Zezza. “The first year was unbelievably painful. I was teased mercilessly.”

So now, finally, Hollywood has been forced to see the light; in 2014, eight companies who manage document security raised more than $136 million in financing, which is five times the amount raised by similar companies in 2013. I can’t help but wonder what percentage of the $136 million came after Sony’s disastrous November.

Aaron Levie, chief executive at Box, told Perlroth that Hollywood is finally asking itself: ” ‘What’s our modern strategy for managing our information?’ ”

Perlroth focuses on three companies which have received attention from Hollywood execs: WatchDox, a file synchronization and sharing company that promises to ‘keep you in control, even after files leave your network,’ IntraLinks, a SaaS solutions for ‘secure content collaboration,’ and Varonis, an enterprise file services company, who promises to ‘turn your file shares into an instant private cloud with file sync, mobile access, and more.’

Some Hollywood insiders, such as Oren Peli, producer and screenwriter of the Paranormal Activity series, have been using such file management tools for years. “If I decide I actually don’t want someone to read something, I can revoke their access later, or decide after the fact to allow them to print it,” Peli told the Times.

Now, the rest of Hollywood is catching up with Mr.Peli, but it’s a shame that it took such a disaster to make the change.

“Post-Sony, getting people to cooperate with me has been a completely different experience,” Zezza told the Times. “Everyone gets that life has to change.”

 

 

For more information on Identity and Access Management Solutions, check out our free 2015 IAM Buyer’s Guide here.

Follow Jeff

Jeff Edwards

Editor, Cybersecurity at Solutions Review
Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large.He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.
Jeff Edwards
Follow Jeff