Digital security isn't a matter of simply setting things up and walking away. As hackers develop advanced tools to break into systems, security requires constant vigilance and improvements to a system that ensures that the wrong people do not gain access to the data.
This is especially relevant to filmmakers, as there is a tremendous amount of interest in the work created at the top end, such as getting new episodes of Game of Thrones or the latest Marvel film early. If you remember the Larson Studios Hack, the hacking group wasn't even specifically targetting post-production facilities; they just happened to luck into new episodes of Orange is the New Black.
Frame.io is quite publicly a place where works-in-progress (of new movies, television episodes, etc.) will be stored, and the company knows that there's a giant target on your back for hackers looking for hot content.
To that end, Frame.io has announced that it has received SOC2 Type1 certification from the American Institute of Certified Public Accountants. This is just one step in the process outlined by Frame.io CEO Emery Wells last year in its journey to ensure full MPAA verified security compliance. This will make sure that Frame.io is a platform that even the biggest studios with the tightest security can feel comfortable with.
Of course, that power trickles down to the rest of us without the same level of IP to protect. The AICPA report, along with the work that Frame.io has done with outside evaluators ISE, are designed as a method for creating transparency with its users on how it's securing users' data.
On top of this news comes the announcement of new tools useful for filmmakers: automated watermarking and asset lifecycle management. Automated team watermarking is a feature that allows admins for a team to set a global watermark. This means that anytime anyone from the team uploads something to a project, it can automatically be watermarked with whatever text the admin sets (and in whatever position they set.)
Rather than continually double-checking with team members that items are getting properly watermarked (which does occasionally lead to non-watermarked review edits making it out into the wild), a global setting leaves the admin in control.
On top of that is the asset lifecycle management, which should benefit users by not only helping them keep their account under its storage limit, but also by making their project less vulnerable to a potential hack.
For instance, if Frame.io did get breached, it would no doubt be painful. However, it would be even more painful if what reached the public was two-month-old edit that should have already been taken down. By being able to set the duration for an asset to stay on the platform, admins can avoid the headache of worrying if everything is coming down as quickly as it should.
If you are a Frame.io customer, a copy of the SOC2 Type1 report is available for you under NDA. Get in touch with Frame.io if you would like more information.
- Automatic Watermarking
- Content Lifecycle Management
- AICPA SOC2 Type 1 Certification
- AES-256 bit encryption