How to Secure Cloud Streaming Infrastructure

What are some of the key challenges with securing cloud-based streams? Nadine Krefetz, Consultant, Reality Software, Contributing Editor, Streaming Media, asks John Jacobs, Field CISO, Fortinet, “What some of the questions are that people come to you about?”

Jacobs makes a point to distinguish the differences in perception between the logistics of securing on-prem versus cloud-based streams and the ways in which people should perceive the differences in approach. “Sometimes [there was] just an assumption that it was easy when you put a physical device in a premise and you said, ‘Well everything in that building is behind this security device.’ Say, a firewall,” he explains. “Now that is so exploded from a cloud perspective. The [people] that have done the best job have said they really approach it as an entirely new installation for security services as a module, whether that's the cloud-native or third party or some integration of the two.” He notes that the point of security enforcement should be fixed even in a hybrid/mixed (cloud and on-prem) environment. “So that enforcement point becomes the gateway for access in and out, and then you can deal with it inside the services themselves,” he says.

Krefetz asks, “So if I'm doing some planning, what are some of the questions I should be asking about that are security-related to the cloud? Because, realistically that's your focus. So what do you tell your customers?”

Jacobs breaks his response down into two aspects. “Number one, you've got to start with a real identity solution and access part of it,” he says. “So this isn't just people going everywhere. A lot of times we hear that from customers that say, ‘Which cloud vendor are we using?’ And people just sort of, ‘We don't know, people are on their own.’ So first off, just having arms around it. And then I think the second is to the point made of a baseline. Where do you anticipate baseline load? Because those costs are going to vary to locus point. A sunk cost, people are used to. If we deployed a data center or a new office and we said we want an appliance and a rack, this is what we get. They spend the money, and then they say it's spent. The beauty of cloud environments is that you could reduce that cost, have a baseline, and then enable it to burst. So planning for the future of where are we at, where do we anticipate, and then is there a scale plan in order? So I'd say those are the two things: arms around it, and scaling model.”

Learn more about cloud streaming cybersecurity at Streaming Media East 2023.

Streaming Covers
Free
for qualified subscribers
Subscribe Now Current Issue Past Issues
Related Articles

Securing Streams: What Are We Trying to Protect?

Few streaming stakeholders, from entertainment to enterprise, would deny that stream security and anti-piracy matter, but what are we really protecting when we apply DRM or other methods to curb the inappropriate appropriations of streaming content? Are we protecting user experiences? Profitability? Proprietary content? An international panel of industry experts from Synamedia, EZDRM, Vindral, United Cloud, and Help Me Stream weigh in on this critical question in this clip from Streaming Media NYC 2024.

Grabyo's Clare Butler Talks Cloud Streaming Services and Pricing Models

Streaming Media's Tim Siglin interviews Grabyo's Clare Butler at Streaming Media NYC 2024. She highlights that Grabyo is not geographically bound and caters to anyone working in the live space, including news broadcasters, sports clubs, and entertainment producers. She also emphasises the cost-effectiveness of cloud solutions, noting that cloud technology is now at parity with on-prem solutions, offering features like instant replay and SCTE-35 ad insertions.

A Broadcaster's Cloud Migration Primer

This article offers a primer on how a traditional broadcaster could start to move services to a cloud provider. I spoke with an engineer from a government-owned European television station and subscription service who agreed to walk us through the process without direct attribution.