Content security best practices are designed to take into consideration the services the facility provides, the type of content the facility handles, and in what release window the facility operates. The purpose of these guidelines is to provide current and future third party vendors engaged by MPAA Members with an understanding of general content security expectations and current industry best practices. Decisions regarding the use of vendors by any particular Member are made by each Member solely on a unilateral basis.
Best practices are organized according to the MPAA Content Security Model, which provides a framework for assessing a facility's ability to protect a client's content. It is comprised of 49 security topics across its management system, physical security and digital security. The components of the MPAA Content Security Model are drawn from relevant ISO standards (27001/27002), security standards (i.e., NIST) and industry best practices.
There are now two documents which provide the MPAA Best Practices. The Common Guidelines apply to all facilities that handle motion picture content. The Supplemental Guidelines apply to specific facility types (e.g., post-production, visual effects, replication). Below are the links to downloadable versions of the MPAA Best Practices in ten different languages.
|Common Guidelines||Language||Supplemental Guidelines|
The purpose of these guidelines is to promote security best practices related to the creation and handling of motion picture screeners. A screener is broadly defined as "a copy of a motion picture provided to industry professionals." There are different types of screeners (e.g., awards or promotional), different recipients (e.g., censorship boards or media outlets) and numerous entities involved (e.g., guilds or studios).
|Download||Award Screeners||Content that is physically or digitally distributed to awards voters|
|Download||Digital Screeners||Security guidelines for entities that provide digital transfer services for any type of screener|
In order to assist facilities conducting self-assessments, the MPAA has included a spreadsheet version of the guidelines shown in the current set of best practices:
Download Common Controls for All Facility Types
Download Additional Controls for Each Facility Type