SVG Content Security Work Group

Committee

Co-Chairs
Scott Rothenberg, NEP Group, SVP, Technology and Asset Management
Tom Sahara, Turner Sports, VP, Operations and Technology

Committee
Keith Anderson, Turner Information Security, VP
Bernie Courtney, CBS Corporation, Director IT & Engineering
John Gierl, NEP Group, SVP, Information Technology
Seann Harding, Dome Productions, Technical Manager Engineering
Kolin Hodgson, University of Notre Dame, Senior Information Security Analyst
Darryl Jefferson, NBC Sports & Olympics, VP, Post Operations & Digital Workflow
Keith Martin, Game Creek Video, Engineering Project Manager
Gary Olson, GHO Group, Managing Director
Jason Taubman, Game Creek Video, SVP, Technology
Dan Turk, NEP Group, Chief Engineer
Marc Zorn, HBO, Productions & Content Security

For More Information

If you have any questions or comments about the Best Practices, or would like to join the SVG Content Security Work Group, please email:
[email protected]

SVG Content Security Work Group Best Practices

Scanning Removable Drives Version 1.0 (January 2019)

  • All trucks and flypacks should have a separate computer that is set up to perform a malware scan on all portable drives prior to those drives being used. Drives with media should be scanned if time permits; however, configuration files for switcher, audio console, and other systems should be scanned.
  • The facilities provider should provide this capability with hardware and software of their choosing and its staff should be responsible for making sure that the software is up to date.
  • The company that hires the crew should communicate that all crew (above and below the line) should comply with this process.
  • This computer should be “air-gapped” from the internet except when getting software updates.

Wireless Networks Version 1.0 (January 2019)

  • Facilities should be set up with at least two networks: Engineering and Public.
  • There should be a hardware firewall between the networks and only the representatives or those specifically authorized by the facilities provider should have access to the engineering network. Hiding this network might be a prudent additional step.
  • The Public Wifi is only allowed through Access Control List to public internet and the network should be password protected. Frequent resets or purges of allowed users is a prudent additional step.
  • Only company-approved VPNs will be allowed; use of other VPN’s are not permitted.