Home Opinions Protecting OTT services: Why multi-DRM is no longer enough

Protecting OTT services: Why multi-DRM is no longer enough

Tim Pearson, Senior Director, Product Marketing, NAGRA
Share on

Whether you’re a D2C operator or a traditional Pay TV provider looking to launch your own OTT service, there is one very important question you need to be asking – how can I ensure my content is protected in today’s hyper-connected world? Contrary to popular belief, simply using multi-DRM is no longer enough, which is why the industry is moving beyond it to address known and emerging security threats.

The reason for this shift is that the Pay TV industry is rapidly changing. The increasing number of enabled devices, such as tablets, phones and connected TVs are part of consumers’ everyday lives and are fundamentally altering how and where they watch the content they love. As a result, subscription-based streaming services are increasingly becoming the consumption method of choice. According to Digital TV Research, global SVOD subscriptions are now expected to rise to 1.161 billion by 2025 and climb by 170 million in 2020 alone due to Covid-19.

As these OTT and D2C services grow in popularity, service providers are moving away from the traditional point-to-point operator and set-top box relationship, which can open up a vast array of new security threats. Such threats exist along the value chain and create a much more complex ecosystem that requires a more sophisticated approach to protect the vulnerabilities that pirates are trying to exploit.

Regular and targeted piracy attacks do not just have an immediate effect through stolen content, they also impact revenues as subscribers churn away to illegal pirate services. It is virtually impossible for Pay TV operators to compete with free or significantly cheaper pirated services. This is why successful operators are acknowledging these piracy threats and are creating a comprehensive security strategy that moves beyond just multi-DRM.

While multi-DRM provides a basic level of protection for OTT streaming services, it should be considered as a baseline from which to build. It addresses the content security threat, but the service side, which has considerably more surface area in today’s streaming world than it does in a traditional broadcast environment, remains vulnerable – so addressing this is just as important as protecting the content itself. Additionally, as content owners begin mandating the use of certain tools, such as watermarking, to ensure their content will be secure before licencing it, investing in a service protection strategy becomes even more paramount to the service providers’ future.

OTT and D2C providers need to work within this complex environment – protecting content, services, consumers and the delivery of content. This is why having a comprehensive, adaptive and scalable toolset of solutions in place must be part of a comprehensive security strategy. The best approach is one of active streaming protection that protects both the content and service, is easily adaptable, and can scale to meet business requirements, and keeps pace with evolving security demands.

For example, with active streaming protection, and taking multi-DRM as a baseline, providers can incorporate a watermarking solution to protect the content itself, while using a centralised security platform to ensure a full set of capabilities across both broadcast and IP networks that can protect against other threats like credential sharing. To further protect the service, operators could also integrate anti-piracy services to identify leaks and take action to mitigate the risk of loss, such as takedowns and advisory messages to the end device. And, to ensure the best business decisions are being made, data and analytics tools can be added to effectively inform business stakeholders at both executive and operational levels to ensure the entire organisation is robust and protected.

Beyond traditional content protection, businesses should also be aware of the risks that arise with increased virtualisation and the impact it has on the broader IT infrastructure. Pirates are working to target the weakest point in any network and, for many providers, that’s the homes of their subscribers. Having a service protection strategy in place doesn’t just protect the content but considers the wider cyber threat helps to protect the entire organisation.

While multi-DRM served traditional broadcasters well for many years, it now needs to be ranged with additional technologies to work as part of a comprehensive security strategy to protect both the content and the entire service. Building a comprehensive strategy may take time and investment; however neglecting to do so could leave your business, content and customers at risk of piracy and cyber security attacks. Operators must use this time now to effectively evaluate and analyse their security strategy and work towards building a safe and secure streaming environment.

Share on