In today’s digital-driven world, the consumption of entertainment from the unlimited access zones has made consumer data privacy and security the center stage for organizations. According to Nitin Mittal, President Technology and Group CTO, of Zee Entertainment, to reach data privacy standards, organizations must comply with GDPR and IT Acts of various areas and territories, including India, which highlights the need of the data governance team.
“The team makes sure that we comply with these standards which are laid down within the law of the land from IT standpoint of view and privacy. Globally for other geographies, as Zee Entertainment, we comply with GDPR standards. In certain territories where we take payment information from the consumer through our platform, there we are complying with EPI standards for cards’ data”, he said.
As credentials of the customer become the easy targets for the invaders, the company has implemented multifactor authentication to ensure the security of the credentials. As a result, even if the individual is oblivious to how to keep their credentials secure, they use multifactor authentication. It not only benefits customers but also secures internal operations.
“Right from the time of content acquisition and development to how it gets transferred and how access and rights management are given between the team which is managing the content acquisition development to distribution, is pretty much controlled using two-factor authentication internally,” he mentioned.
To make the internal security at the par, the company has IT processes around the media inspection and classification along with a content backup strategy. The intensive asset tagging and labeling, makes sure that when assets are moving between the sites or between facilities, it is traceable.
“We have enough vulnerability, assessment capabilities on cloud infrastructure to make sure that whatever codes are being developed are meeting our internal security standards where vulnerabilities are protected on day zero rather than trying to put any layer into it later on. of course, at the very outset of it, we have external and internal firewalls on our network where input and output devices are made safe including our digital content library and the authentication services across the board.”, he adds.
Educating Consumer’s and Hackers alert
The company focuses on educating the customers to prevent the invaders from entering their privacy and has experts from the hacking forum, which checks the dark web leaked credentials in the criteria of true or false positive. The team tracks and analyzes the different tools trending in cyberspace that hackers might use to track the user’s name and password combinations for various OTT services, either directly or using bots.
“The leaked credentials can be used to access any services or any other information outside OTT. If that is the case, we alert and block and take down those links from the web. We have a lab in the place where we have few guys who are experts in this space and, they keep doing day in and day out a check, a crack to it and bringing those things down and obviously with the kind of speed at which things are moving you are pretty much in a catch-up mode.”, expanded Mittal.
Furthermore, he emphasizes the importance of monitoring threats correctly by monitoring consumer URLs and social media platforms that have become the medium of the pirated hub regardless of channel telecasting.
For social listening, monitoring, deep web calling, and regulatory compliances, ZEEL use AI and utilize the ML capabilities intrinsically. To create a mind map of threat perceptions based on severity, the organization uses sophisticated machine learning algorithms that filter information on an urgent matter and exclude unnecessary things from appearing on the radar.
“For doing all this, the combination of open-source vendor and in-house capabilities are being put together which exhaustively leverages machine learning models to do these proactive activities”, Mittal adds.
Content Piracy challenges and solutions
In today’s world, the risk of security is dependent on the content. Consumers face threats from the invaders as they leverage the credentials which have PII information. When the service gets attacked, the hacker opens specific ports and capabilities on the cloud infrastructure. As a result, it allows cybercriminals to use those credentials, especially when using the platforms on a Wi-Fi network.
To address these concerns, the company adheres to ISO 27000 standards for data and IT security and, complies with NIST standards for cloud infrastructure and security, which are used globally by all SAS players.
“Not only does it lead to credential fraud, which can impact the consumer in a different digital space outside of OTT, but it also leads to revenue losses for us because our content can become openly available for people to have the same high-quality experience without paying for content,” Mittal adds.
The company tackles content piracy by putting a watermark on the content. The watermark makes the content traceable and aware the consumer about the owner of the content. They work closely with CDN providers and ISBN cloud infrastructure providers to do pirate monitoring.
Mittal says, “It is an effort or collaboration between the service providers like us who are providing content, service experience in OTT, with the cyber security vendors, national authorities, content distribution networks like Googles and Amazons of the world and also the ISPs. So, if everybody worked together with a simpler objective of keeping consumer data safe and keeping our content away from piracy, I think that is what is working for us.”