Azure Media Services: First Cloud Media Service Awarded Certification by CDSA

Share this Post

After many years of work building out the services and compliance procedures to meet our initial goal of a “security first” architecture for our platform, I am extremely proud to announce that Microsoft Azure Media Services has been awarded certification by a CDSA-appointed external auditor. This initial certification status is valid for six months, after which further successful on-site audits will extend the certification for one-year periods. Azure Media Services is committed to continuing the CDSA audits, as well as maintaining internal audits and controls to retain our hard-earned CPS certification.

To date, Azure Media Services is the only cloud media platform in the market that has achieved this CDSA certification on its encoding platform services. The CPS certification provides a standards-based method of assuring our customers – and yours – that the intellectual property rights of media assets stored, encoded, managed, and distributed from within Azure are safe and secure. Further, if you build out your own custom solutions on top of Azure Media Services, you are able to leverage and reference our CPS certification within your own CPS certification efforts.

I am extremely proud to announce that Media Services has been awarded certification by a CDSA-appointed external auditorJohn D.

For more information on the CDSA, visit their website here. If you would also like to study and read the controls provided by the CPS standard, they are available in this PDF document on the CDSA site. They also provide a good whitepaper that provides an overview of the security standard here.

Our Azure certification is brand new and just granted in the last week, so it may not yet be posted on the program participant list. The list is located here on the CDSA website.

The CDSA and Content Protection Certification for the Cloud

The CDSA provides industry acclaimed and proven content protection standards. Microsoft has been a member and contributor to the CDSA for several years.

The CDSA’s Content Protection & Security (CPS) Standard forms the basis of a Content Security Management System (CSMS) providing guidance and requirements to secure media assets across the workflow. The standard details a set of “controls” designed to ensure the continued integrity of intellectual property, confidentiality, and media asset security, at all stages of the supply chain.

Our team handles all of this work and takes this burden off of our customers and users of our platformJohn D.

This standard is auditable and once a system is validated through an external (appointed) auditor, the CDSA issues a certificate of compliance with the CPS program. To maintain compliance the certified entity (Azure Media Services) must submit the results of annual audits to the CDSA. This means that each year, our team must re-validate our own CSMS with the CDSA showing that we are compliant with the requirements of the CPS program. Our team handles all of this work and takes this burden off of our customers and users of our platform.

In order to obtain this certification Azure Media Services was required to demonstrate proof of a risk assessment against the CPS standard. In addition, a comprehensive “Statement of Applicability” was submitted that articulated the breadth and depth of content protection features that Azure Media Services provides to protect content throughout the encoding and delivery workflow.

Azure Media Services is the only cloud media platform in the market that can offer encryption on the fly for both Video-On-Demand and live streaming broadcasts. Azure Media Services provides a number of secure upload channels for content including the ExpressRoute private network connection to Azure, UDP upload via IBM’s Aspera software and secure HTTPS upload over the Internet.

Azure Media Services is the only cloud media platform in the market that can offer encryption on the fly for both Video-On-Demand and live streaming broadcasts.

To achieve initial certification status from the CDSA, we were required to review and adhere to over 300 security controls that manage and secure physical data centers, encryption and key management, storage facilities, and software layers that handle valuable media assets.

Prior to formally requesting certification, our team had already gone through and won approval for ISO/IEC 27001:2013, ISO 27018, FedRAMP, EU Model Clause, SOC1 and SOC2 compliance programs. These are continuous compliance programs where we are required to constantly monitor and renew our compliances at points of time and over periods of up to six months.

If you are attending NAB 2015, I invite you to stop by the Microsoft booth if you have any questions about Azure Media Services. We are located in the South Hall, lower level in booth #SL6610.

Related Articles on the Azure Blog:

Auditing Media Asset LifeCycle Part 1 by Milan Gada

Auditing Media Asset LifeCycle Part 2

Auditing Media Asset LifeCycle Part 3

Share this Post

Leave a Reply

Your email address will not be published. Required fields are marked *