Home Studio Security Guidance
- In the event of a security incident, Netflix Studio Information Security (firstname.lastname@example.org) should be an initial point of contact. We have resources to assist with these matters.
- Users should login to systems using a unique username and a strong passphrase. Non-internet facing systems (offline editorial) should be kept disconnected from the Internet when internet access is not needed.
- In the event a user needs to connect to a remote workstation this should be done through a VPN connection. Remote access to machines should be restricted and follow our recommendations.
- VPN connections should require multi-factor authentication as part of the login process.
- Ensure only persons working on the project can access the content.
- Transfers of materials should leverage an approved secure transfer platform (e.g. Aspera, Content Hub) or encrypted hard drives (Lacie Rugged Secure, Rocstor, Apricorn Aegis--not an exhaustive list).
- Devices should have unique profiles for each user and should require a password to access the device.
- Ensure systems are running one of the last two available versions of the commercial operating system and are configured to auto-update for security patches. The user should check quarterly to verify that the device is patched.
- Enable full disk encryption on the workstation (FileVault for Mac, BitLocker for PC).
- On all Microsoft Windows based hosts, enable Windows Defender with automatic updates enabled.
- Disable remote connections to the workstation and enable the device firewall. Detailed guidance can be found in the Prodicle Help Center.
- Secure physical assets (e.g. external hard drives, scripts) in a lockable container like a cabinet or safe.
- Personal machines (system(s) owned by the user) should not be used in place of company-issued machines when available.
- Limit viewing of work in progress content to anyone who is not a part of the project. When working from home we understand that family or partners may view projects, however, they should also keep project information confidential. An NDA can be used if deemed necessary.
- Secure all external entry and exit points where content is stored or worked on.
- Consider a security camera system that covers entries and exits.
- Securely delete content and return external media upon project/task completion or at the request of Netflix.