TPN Expanded Best Practices Guidelines

The Motion Pictures Association’s Trusted Partner Network (TPN) has announced it is expanding its security best practices for cloud workflows. The TPN is the leading film and television content security initiative and provides a framework of best practices to help organizations secure their content. Over the next 12 months, the TPN will roll out a new enhanced program that will include:  guidelines for securing cloud workflows; a simplified onboarding process for TPN assessors; an enhanced “Gold Assessment Program”; and a new “Blue Self-Attestation Program” to provide vendors with the ability to report alternate security certifications.“TPN is growing to keep pace with an industry where security threats are more insidious and sophisticated, and work in the cloud has become the new norm,” said TPN President Terri Davies.

“Our expanded program will embrace all the ways work gets done in our industry today while growing capacity, making it easier for service providers to ensure they are meeting security benchmarks and for content owners to make more informed independent vendor selections from a more accessible and centralized solution.”

Coming this fall, the TPN will publish expanded best practice guidelines covering application, site and cloud workflows. These new guidelines will be used to develop the TPN’s Gold Assessment Program and Blue Self-Attestation Program which are both scheduled to be released in Q1 2023. This Gold program will enable vendors to measure and report conformity to the industry’s most recognized standards. The Blue program will provide a flexible framework for vendors to self-attest and report compliance with various alternate security control sets such as CIS Controls, NIST and ISO. The program will serve as a single-source-of-truth for security information and is intended to reduce the need for organizations to have to undergo multiple vendor audits.REDESIGN Trust is uniquely positioned to advise its media and entertainment customers on these new application, site, and cloud security requirements and provide them cost-effective and scalable solutions to maintain compliance to the TPN’s evolving best practices. Through our strategic partnerships with industry leading cybersecurity firms, REDESIGN Trust also provides Managed Security Services to enable customers to leverage our cybersecurity expertise to manage the ongoing security program activities on their behalf in a cost-effective subscription model.