AKAMAI WHITE PAPER
Workflows for Premium Content:
Introducing Akamai’s secure, MPAA-
assessed workflow for transcoding, storing
and delivering protected content in the cloud
Securing Cloud-Based Workflows for Premium Content 2
THE LIMITATIONS OF IN-HOUSE WORKFLOWS 3
CAN CLOUD-BASED WORKFLOWS BE SECURE? 5
AKAMAI’S SECURE END-TO-END WORKFLOW FOR PREMIUM CONTENT 5
HOW IT WORKS 6
CLOUD-BASED WORKFLOWS: THE FUTURE OF ONLINE VIDEO 7
TABLE OF CONTENTS
Securing Cloud-Based Workflows for Premium Content 3
In an era of rising audience expectations and rapidly proliferating devices, delivering
a compelling online viewing experience has become an increasingly difficult and
expensive proposition. Faced with scalability challenges and burdened by complex
processes, content service providers need workflow solutions that can help them
adapt quickly to continually changing marketplace demands while minimizing capital
and operational expenses.
Cloud-based solutions are ideal for these situations, letting content providers outsource complexity and scale infrastructure
on demand. Offering pay-as-you-go access to massive computing, storage and delivery resources, cloud-based workflows
also minimize upfront capital expenditures as well as ongoing operating costs.
For these very reasons, most content service providers already use cloud services to deliver their videos to audiences
around the world. More and more content service providers are now migrating other phases of their content workflows –
such as storage and transcoding – to the cloud as well. Doing so not only allows them to leverage instantaneously
scalable, high-performance transcoding resources on demand, it also greatly reduces the cost and complexity of
keeping up with device proliferation and technological advances. With cloud-based transcoding, for example, supporting
additional codecs, higher screen resolutions or the latest device platform can be achieved with just a few simple mouse
clicks. In addition, cloud storage offloads the headache of storing, moving and managing the rapidly increasing number
of files – and file sizes – needed to accommodate the ever-advancing device marketplace.
However, media companies with premium content must tackle significant security concerns when considering a move
to the cloud. High among these is their ability to safeguard content when it is unencrypted – and therefore susceptible
to theft – during the transcoding process. Concerns like these can prevent content service providers from truly considering
cloud-based workflows, despite the great potential scalability and cost-savings benefits.
Fortunately, companies no longer need to make this tradeoff. With Akamai, content service providers can now take
advantage of the industry’s first secure, end-to-end cloud-based workflow that has been fully assessed by the Motion
Picture Association of America (MPAA). Enabling the cloud-based transcoding, storage and delivery of premium video
content, this innovative, secure workflow allows content providers to fully leverage the benefits of the cloud while
protecting their digital assets all the way from source file to consumer.
The Limitations of In-House Workflows
Traditional, in-house video workflows typically mitigate content security risks by handling most pre-delivery processing
within a centralized, secure facility. Here, the video source or mezzanine file is transcoded into many separate renditions
in order to support different devices, formats, networks and DRM platforms. Since the transcoding process requires the
source file to be unencrypted at some point – and thus vulnerable to theft — the content is safeguarded during this part
of the workflow by processing it within a digitally, physically and operationally secure facility. Content providers who
require the highest levels of safety typically use an MPAA-assessed facility.
After the renditions are created, digital rights management (DRM) technology, such as Adobe Flash Access or Microsoft
PlayReady, is applied to each file while still within the secure facility. Once this is done, the files can be safely uploaded to
a content delivery network for storage and delivery. DRM protects the files from theft and unauthorized playback during
storage, transit and delivery through the cloud.
Securing Cloud-Based Workflows for Premium Content 4
Traditional Content Workflow
Unfortunately, in-house workflows have a number of downsides. First, there is the high capital cost and operational
complexity involved. Because transcoding is so processing-intensive, an in-house solution requires significant upfront
expenditures for hardware and software. This problem is further exacerbated as screen resolutions continue their upward
march toward 4K and beyond, requiring enormous source files that are increasingly unwieldy to access, move around
and back up.
In addition, it is costly to maintain and manage a complex workflow that can keep up to date with the continually
expanding matrix of technologies, formats, codecs, screen sizes and so on that comprise today’s fragmented device
marketplace. Accommodating a new device or format – including retrofitting the existing content library – involves
acquiring new expertise and significant processing power, consuming substantial time and resources.
Content service providers with an in-house workflow also face capacity planning challenges. Because their infrastructure
is inelastic, they must accurately estimate the amount of hardware and software they will need well in advance – they
cannot scale on demand. Typically, this means companies are forced spend extra and overprovision – or suffer the
consequences of potentially falling behind schedule or being unable to meet demands.
In addition, companies must provision for peak usage, adding hardware and personnel any time they need to increase
capacity, even if only for a one-off event. Unfortunately, these resources then sit underutilized much of the time,
going to waste.
For most companies, it is also difficult to cost-effectively build true reliability into in-house server farms. With only one
or two server locations, in-house infrastructure cannot provide the same level of fault tolerance as a truly distributed
cloud infrastructure can.
For these reasons, growing numbers of media companies are looking to leverage the cloud — not just for video delivery,
but also earlier in their workflows. But while intelligent cloud infrastructures can deliver tremendous benefits and enable
companies to overcome the limitations of in-house workflows, they also introduce potential security concerns, particularly
for premium content providers.
Secure Facility DRM Proctected
Cloud Storage & Delivery
Securing Cloud-Based Workflows for Premium Content 5
Can Cloud-Based Workflows Be Secure?
Premium content requires a workflow that protects it from theft and unauthorized access at every step, from the
original source file all the way to the consumer. Of particular importance is the transcoding process, as it requires
access to unencrypted source files that are at risk of theft. Doing this process off-site, in the cloud, raises potential
Indeed, the very aspects of the cloud that make it so massively scalable and high performing are the same characteristics
that make security challenging. The cloud is a decentralized, distributed model relying on heterogeneous third-party
networks – much different from a single, secure, centralized facility where content can be processed. Because of this,
cloud-based content workflows require a completely new security paradigm. In order to be viable for premium content,
cloud-based workflows must:
1. Protect the source content as it is being ingested to the cloud.
2. Protect the content during transcoding and DRM implementation.
3. Protect source content and created files during archive and storage.
4. Ensure redundancy of all files in a geographically distributed manner.
5. Protect content files as they are delivered to end users.
6. Secure content at all times in a way that does not hamper the unique benefits of the cloud-based workflow,
including scalability, performance and reliability.
Akamai’s Secure End-to-End Workflow for Premium Content
In order to provide true end-to-end protection for premium content, Akamai is pleased to introduce the industry’s first
and only MPAA-assessed, secure workflow for the transcoding, storage and delivery of video through the cloud.
Combining industry-leading expertise in securing the cloud with more than a decade of experience delivering compelling
media experiences, Akamai is uniquely able to offer this solution — enabling media companies to vastly simplify their
post-production workflows and infrastructure by fully leveraging the tremendous scalability and performance of the
distributed cloud for the first time. Content owners need only upload their source files, and Akamai’s massively
distributed, high-performance cloud platform takes care of the rest – all while keeping the premium content
safe from theft.
To provide the highest levels of protection and assurance, Akamai has voluntarily undertaken the intensive process
of having its cloud-based workflow assessed under the MPAA’s Site Security Program, the