Gordon S. Lang School of Business and Economics
Gordon S. Lang School of Business and Economics
Log in Sign up

Security Policies and Procedures

Open
Entertainment Identifier Registry
Entertainment Identifier Registry
Los Angeles, California, United States
Richard Kroon
Richard Kroon
Director of Technical Operations
(4)
3
Project
Academic experience
80 hours of work total
Learner
Anywhere
Advanced level

Project scope

Categories
Operations Security (cybersecurity and IT security) Law and policy
Skills
information management relationship building auditing infrastructure security security controls
Details

EIDR (Entertainment Identifier Registry – eidr.org) is a service provider for the global media and entertainment industry. Our members include some of the largest media companies in the world (eidr.org/eidr-members) and the identification services we provide are integrated directly into their supply chain operations (eidr.org/about-us).


The Motion Picture Association (MPA – motionpictures.org) operates the Trusted Partner Network (TPN – ttpn.org), which provides a set of Content Security Best Practices for the industry (v5.3 – ttpn.org/links-resources). We at EIDR do not handle media directly, but we do manage descriptive metadata related to those programs and our services are used in the pre-release window when content security concerns are at their highest.


We’re a small, not-for-profit organization. To date, our focus has been on service delivery, not security. Our security policies, procedures, and training programs have largely consisted of “we’re all professionals, so behave yourselves.” As you can imagine, this is not sufficient to meet the formal TPN security standards.


The tasks ahead of us include:

  • Reviewing the TPN Security Best Practices to determine which apply to our operation (providing justifications/explanations for those that do not)
  • Comparing the applicable TPN Security Best Practices to our draft policies and procedures and correcting any identified gaps
  • Developing a prioritized implementation plan that will guide us from current state to verifiable compliance with the applicable TPN Security Best Practices


Deliverables

By the end of the project, students should demonstrate:

  • Understanding the TPN Security Best Practices
  • Understanding how the TPN recommended practices do (and do not) apply to EIDR
  • Understanding EIDR's security policies, procedures, and supporting programs and materials

Final deliverables should include

  • A revised set of TPN-compliant security policies & procedurs
  • A recommended implementation plan to take us from current to final state
  • A 10-minute presentation.
Mentorship
Domain expertise and knowledge

Providing specialized, in-depth knowledge and general industry insights for a comprehensive understanding.

Hands-on support

Direct involvement in project tasks, offering guidance, and demonstrating techniques.

Regular meetings

Scheduled check-ins to discuss progress, address challenges, and provide feedback.

About the company

Company
https://eidr.org
Los Angeles, California, United States
2 - 10 employees
Entertainment, Media & production, Non-profit, philanthropic & civil society, Technology

The Entertainment Identifier Registry Association (EIDR) is a not-for-profit industry association that supplies the global entertainment supply chain with universal identifiers for a broad array of audio visual objects. EIDR IDs are to movies, TV, games, and podcasts as ISBNs are to books, VINs are to cars, or UPC/EAN codes are to consumer products. The EIDR registry is, and always has been, read-for-free, though we do restrict write-access to authorized parties only. Our identifiers are critical to applications throughout the media and entertainment industry from production to public presentation, by archives, and in academic citation. Our Board includes Amazon, Google, Gracenote, NBCUniversal, Paramount, Sony Pictures, Disney, Warner Bros, and Xperi.