Are you thinking clearly about cloud security?

By Tim Jackson, Senior Vice President Sales & Marketing, the Americas at Globecast

Use of the cloud – and discussions about using the cloud – have been growing exponentially in our industry for the past few years. There are many questions that we are asked by existing and potential customers, both in terms of using it to send or host content that we can then access for playout/distribution; and our recently announced, cloud playout services. One key subject that comes up frequently is content security when using the cloud, so we’ll highlight key points about that about that here that should get you thinking; the second is to then to clear up some confusion about cloud playout that we’ve come across.

Content security using the cloud

We’ve been receiving customer content from the cloud for some years now, and, as mentioned, we’re always asked about content security. What’s crucial to remember is that in a cloud scenario, content is still stored in a physical location. What changes dramatically is that there’s now the choice to replicate that content across different locations much more easily.

Regardless of whether, moving forward, playout is cloud-based – as opposed to content being stored in the cloud and being received by a third-party (us being a prime example) from the cloud for traditional playout/distribution – the honest answer here is that responsibility for the security and protection of data lies with all parties in a given relationship at various points in the chain. There’s no single point of responsibility for this, and this is where it gets complicated for a customer without a service provider like us involved.

The cloud services provider is always responsible for the security of the content that resides at any of their data centers, no matter where they’re located (customers are paying for that capacity and associated security, on an as-needed basis). Content still has to exist somewhere; it still has to be delivered somewhere and then it has to sit somewhere. We are working with customers to help them understand this and where the pressure points – and costs – are.

The ingress and egress from the cloud for you, as the content owner, means there are steps that you have to take to ensure that it’s handled in a secure manner. That’s one of the very big value propositions that we offer as often the content owner doesn’t want to be solely responsible for the content when it’s in the ether.

Assuming a customer is comfortable with their own facility security, it’s then the question of security as that content is sent to the cloud services provider, generally over the internet in some form. If they work with us, we can manage that security while the content is being moved. We can work with both those parties to ensure end-to-end content security. Of course, this uses IT security protocols via encryption and access keys. We can make this as secure as is possible by working with the cloud provider. It’s vital to understand how this operates to be able to take full advantage of the cloud; it’s too easy to make mistakes.

The cloud is as secure as you make it; they give you all the tools, you just need to know how to configure them properly. It’s physical security (and geographic redundancy) is greater than any broadcaster could achieve independently, mainly due to the economies of scale.

A single point of contact

For customers, having a single point of contact – us – to manage this is a huge advantage. Customers can try and piece all this together across multiple vendors/service suppliers but the management of that – particularly in extremes and with the danger of buck-passing – is a very, very big task. Each vendor is ultimately only responsible for their part, so when things go wrong…

We have operational procedures in place with all relevant parties to ensure this all flows smoothly. We do this all the time. We receive content from the cloud for playout constantly and have done for some considerable time now. The choice of playout model is a separate question.

Where does cloud playout come in?

As cloud usage begins to gain real traction within the broadcast sector, there’s a lot of talk about – and now the beginnings of a gradual shift from – traditional playout to cloud-based playout models. Of course, we’re at the leading edge of offering these services to both existing and new customers.

It’s important to note the key advantages in moving to cloud playout, though at this juncture it’s not a panacea. For one, it radically alters the financial model. Moving away from traditional broadcast playout to a cloud-based model reduces CAPEX because customers – and service providers – no longer have to be anywhere near as concerned about upfront hardware costs and then the subsequent amortization of those over time: the service model essentially shifts from a CAPEX/OPEX paradigm to almost exclusively OPEX. This means we can launch services – including “pop-up” offerings – far more quickly and start up secondary channels from a main feed almost instantaneously.

A little honesty about cloud playout suitability

If there’s one thing we all need to be clear about this new playout possibility, with the current state of play, it isn’t suitable for every application. While cloud playout is a very powerful new tool, there are instances where traditional, facilities-based playout of TV services makes complete sense.

Our challenge is educating the market about cloud playout; there’s a definite lack of understanding in the market as it’s still a very nascent technology, and it’s certainly not an overnight shift that’s suitable for all. We have all been using physical, facilities-based playout for a long time and the move will of course be gradual. We all have a long way to go with this!

Without wishing to resort to cliché, talk to us and we will happily talk you through the best solution for your business case using our global expertise.