ETC Panel Discusses Cloud Security: Today, Tomorrow, Beyond

As part of its Media Management in the Cloud at NAB, the ETC held a panel discussion on cloud security, which continues to be a leading concern of M&E firms considering greater adoption of cloud technologies. The panel was composed of leading experts in cloud security from different parts of the M&E and cloud industries. Among the questions discussed: How can cloud infrastructure better ensure security? What are the most common security concerns of cloud tenants? What is the next level of emerging security standards? How is security best balanced with ease of use?

ETC_vNAB_CloudPanelists included: Justin Somaini (CTO, Box), Patrick McGregor (product management lead, Cloud Platform, Google), Todd Burke (principal solutions consultant, Adobe), Chris Chen (CTO, Prime Focus), and Ian Hamilton, (CTO, Signiant). The panel was moderated by Dave Ginsberg (CTO, Sundance Institute).

Burke stressed that a secure cloud infrastructure required not only extensive security training for a vendor’s or tenant’s developers, but significant security training for all employees.

Somaini underscored that security should not be simply reactive — rather, effective cloud security practices should be proactive and embedded in an organization’s culture.

McGregor highlighted the unprecedented advantages of large-scale security resources at Tier 1 cloud vendors such as Google Cloud where a 500-strong security engineering team was complemented by thousands of security specialists across Google’s product offerings.

Hamilton agreed that it was particularly comforting for small companies adopting cloud technologies to have access to Tier 1 vendors’ security resources, but it should not be assumed that this solution is “a slam dunk.”

Somaini emphasized the importance of driving security measures to where data really goes in an active system rather than expect data to be simply neatly funneled into a designated secure infrastructure.

Chen noted that one of the biggest challenges facing M&E cloud tenants was how to release content smoothly and easily to consumers, especially when consumer collaboration and co-creation is sought, without undermining security. Ginsberg concurred, noting also that professional creatives who found security measures too cumbersome in their everyday use of cloud tools would be tempted to seek security workarounds.