Vendors had to invest in cloud development and operations early as bringing a robust enterprise MAM solution into the cloud requires years of planning, and deep understanding of the vast array of media workflows, both legacy and emerging. And while we believe cloud is the first choice of infrastructure going forward, especially after on-premises investments are amortized, there are still use cases for which fully cloud-based deployments are not necessarily the best solution. This could be for a number of reasons including, access to bandwidth, costs of heavy file format processing/storage/egress and more. Customers need options so they can carefully evaluate and depending on their business requirements, take the best path forward. Thus for the near future, you need to have your foot firmly in both camps.

That’s why we began developing our cloud and hybrid solutions in 2014 and have been offering a wide range of options for our customers at every step of the journey.

Today, the ecosystem of Dalet cloud-native solutions, services, APIs and integration functions are well developed and mature. Our devops techniques, architecture patterns and development best practices are established and reliable. More than one hundred of our customers benefit from full cloud or hybrid systems deployed and maintained by our team. Dalet customers can embark on their migration to the cloud today – whether it is a hybrid approach or 100% cloud – with confidence.

As you investigate enterprise MAM options, it’s important to understand the vendor history to ensure your future.

Taking flight

The past few years have seen a rise of creative teams outside of traditional broadcast requiring tools for production, management, and distribution of media content. Innovative and cloud-born solutions were developed to address specific pain points, greatly helping creative teams around the globe. But enterprise-grade media workflow solutions, ones that combine advanced media asset management capabilities with workflow orchestration, media-specific tools and integrations with the wider ecosystem, are complex and require professional services to deploy. For these customers, the total cost of ownership (TCO) was often prohibitive.

To better address this industry need, Dalet expanded its cloud-native media logistics solution, Dalet Flex, adding SaaS options to the product lineup. This approach ensured that we met the needs of a wider range of customers – from specific workflows to advanced enterprise scenarios that require customization. Make no mistake – adopting new methodologies in distributed deployments, managing new paradigms in security and overhauling your internal data delivery environment is not a walk in the park. However, there is no standing still in this industry and we are proud to lead the way and have a solution that fits our customers at every stage of their journey to the cloud.

Technical Architecture Transformation

With new cloud products and the plugin/integration market expanding every day, we employed an agile approach to development. Our first step was to build Dalet Flex architecture to fully rely on micro-services. This modular approach, combining small services rather than relying on a larger “monolithic” software, was key. Microservices allow for better scalability and support the heavier load coming from multiple tenants with better performance. It also allows us to upgrade individual services without having to turn off the entire system and disrupt customer operations.

Another prerequisite was to ensure that the solution has auto-scaling capabilities to quickly and reliably answer operations requiring heavy computing resources. With media file sizes constantly increasing, the ability to handle massive file transactions is key. Auto-scaling also enables us to scale smoothly as new tenants are on-boarded, minimizing risk of unexpected customer downtime.

The introduction of SaaS options also adds an additional security concern: ensuring tenant isolation. We are constantly developing and strengthening an internal workflow called Secure Development Life Cycle (SDLC), which reduces the number of vulnerabilities in our systems while taking advantage of all the benefits the cloud has to offer.

The crucial element

An important element of any technology class constantly in flux is the right people. Adopting the cloud isn’t only a technology issue, it’s a staffing issue – without the right people it will take longer, cost more and could leave you further behind.

It’s very easy to get lost in the weeds, especially when the process of discovery and adoption will so fundamentally change the path in front of you. You need a trusted partner that can guide you through the maze. Dalet’s revamped customer experience, from on-boarding to business as usual, really makes the difference. Over the past three years, Dalet significantly expanded its customer services resources and shifted its focus towards cloud-native, subscription-based media workflow solutions. Experts like Benjamin Zores focus on ways to optimize how Dalet deploys, upgrades, supports and maintains mission critical cloud environments.

At Dalet, we have kept our eyes on the ultimate prize. We did not move to the cloud to tick a box that says we have a cloud option. Dalet was remade in the cloud with options for customers to migrate at their pace into the next generation of media workflows. It was an endeavor that was years in the making.

If you are looking for an experienced partner to help you make the migration to the cloud, connect with us. We have traveled the path and know it well.

Go further: “The deployment conundrum: cloud vs on-premises – why not both?“

• Part 1
• Part 2

The post Into the sky; MAM becomes one with the cloud appeared first on Dalet.

It’s not a question of whether you’ll be attacked but when. That means you don’t just need good security practices, but security done better than the most damaging cyberthreat making its way towards you.

We’re going to need a whole new approach to security at the corporate network boundary, and at Dalet we think the principle of Zero Trust is the best way forward.

Under a Zero Trust framework, nothing is considered safe. Every incoming signal or connection is by default untrustworthy until it’s rigorously tested through various security checks to ensure legitimacy or authority to connect.

Evolving Threats

The assets produced by the media sector have always been highly sensitive, subject to very strict public release dates or IP legislation. Think of the financial and market impact on a Hollywood studio when a blockbuster movie leaks online before it hits theaters or streaming premiere.

But here’s what’s changed. More of us are working remotely than ever due to a global pandemic, and the multiple platforms and devices we use to connect with workplaces only gives the bad guys more ways in.

These bad actors have changed too. Cybercrime is about organized data gathering rather than just underground bragging rights. They’re coordinated, efficient, and getting harder to stop at the border of your organization.

As an industry, we have to work hard to keep up and need to ensure that every input or connection request complies with internal security policies, that they’re running on reputable platforms or that authorized agents are using them. Otherwise every VPN, smartphone operating system, marketing platform account or video call client is a potential threat vector.

The Zero Trust Strategy

As the threat landscape transforms, so are we. Dalet has evolved from being a software vendor to a SaaS provider, and Zero Trust is the lynchpin that will allow us to do so safely.

Under a Zero Trust security framework, nothing is considered safe. As a new signal or connection comes in from outside your network or organization, it’s initially blocked by default. It’s then interrogated based on any possible data point you can program for – identity, location, the operating system or security profile of the device, the workload the input requests and more.

After scrutinizing every resource, any changes in configuration and network or traffic activity is continually logged, monitored and rigorously questioned for anything suspicious.

There’s also a continual standard of access based on least privilege. That means the user is given the minimum resources or access needed to do their job and no more. If they need it, any further access request is subject to the same interrogation.

Both device/access architecture and management have to evolve to adhere to Zero Trust principles, and that will involve training, awareness and the ushering in of a new security culture. Methods like password-less access and physical devices like security keys are going to become more important.

The Zero Trust Practice

Imagine an editor receives an email from her production manager or the VFX supervisor asking for access to a sensitive file and happily complies.

What she doesn’t know is that a specialized group has done the social engineering – figuring out who she is and a boss or senior company officer she’s likely to respond to. Another has done the corporate hacking into the company’s email server and sent the request from her boss’ email.

Another group has written the malware to install on the network when she emails the link or credentials back, and yet another harvests her networks for sensitive information it can hold to ransom.

In a traditional network – where the editor has sent the link using approved credentials – the server would simply grant access. Under a Zero Trust model, the device used by the hacker, its location and the workload usually performed after such a request aren’t known to the network even though the login credentials were cleared, so access is immediately blocked and the attempt logged.

But it’s about far more than stealing sensitive files. Imagine you’re a broadcaster streaming content that’s interrupted or taken down through a distributed denial of service (DDoS) attack by a hacker group with a political or misinformation agenda. When online services combine live betting with real-time sport events, the liability alone could be crippling if your network or stream goes dark.

Evolving Vigilance

At Dalet, security has always been a cornerstone of everything we do. We consider it like the brakes of a car. You need to stay on the road and keep up the pace, and security isn’t there to block that but help achieve it by spotting dangers and letting you circumnavigate them quickly and efficiently.

My first act as CISO was to secure the company’s ISO/IEC 27001 certification, a testament not just to our experience and hard work securing clients in the past but our commitment to do so in the hyper-connected world of today and tomorrow.

Today, we’re extremely proud of our ISO/IEC 27001 and DPP Security Marks certifications, but we’re not by any means resting on our laurels, constantly developing an internal workflow called Secure Development Life Cycle (SDLC), which reduces the number of vulnerabilities in our systems.

Security needs a three-pronged approach;

People: We want our own people and customers to have awareness, to receive security training.

Processes: We want to constantly improve processes to better respond to incidents.

Technology: As technology has increasingly shifted from on premise to cloud and external systems and providers, security must remain the most critical part of the transition.

Following our heritage as an on-premises provider we have decades of experience monitoring systems, and as workflows using external platforms and multi-connectivity have evolved, we’ve grown up with it.

The Best in the World

Even more critically, the Media business is truly global, with suppliers and customers headquartered all over the world in countless different legal jurisdictions. And because data privacy law differs in each territory (most people are familiar with the EU’s 2016 General Data Protection Regulation or Europe’s GDPR), different users have different regulatory requirements.

But as well as evolving along with local standards and regulations wherever they are, we make a practice of applying the strictest regulatory frameworks we work with (including our own) and applying them everywhere our customers are found. Under my Dalet CISO remit, we will be implementing a Zero Trust approach to all our products and solutions, ensuring that every piece of data and content managed is well looked-after.

As a Dalet customer, we are sure you have better things to do than worry about security – that’s our job. So as you scale, remember that we’re growing with you, and Zero Trust is securing your borders no matter what cloud services, internet of things (IoT) or and bring your own device (BYOD) policies are used to interact with your organization.

You can’t take any risks with valuable media assets, but you have to expand your access rights to more players and collaborators than ever. Zero Trust provides the balance between the two you’re going to need in the near future.

Further Reading

Don’t just take our word for it. Some of the most respected technology and SaaS brands on Earth are realizing Zero Trust is the best way to secure a dispersed digital workforce in the future.

https://cyberriskleaders.com/prepare-for-zero-trust-security-model-at-the-organization-level-foundations-and-implementation/

https://www.telecomtv.com/content/tracker/verizon-secures-global-enterprise-networks-with-zero-trust-capabilities-37012/

https://www.einnews.com/pr_news/556347542/zero-trust-security-solutions-market-analysis-by-manufacturers-regions-type-and-application-forecast-to-2028

The post Zero Trust; the New Security Paradigm for a Multi-Connected World appeared first on Dalet.