Security Requirements for Distributing AV Content on the Network

Security Requirements for Distributing AV Content on the Network

Network security is a critical issue in the enterprise and, indeed, all commercial vertical markets. As AV systems have become more integrated into the IT infrastructure, they have inherited and added to the security considerations of the network. But, first things first. It’s important to note that the term "network security" can refer to several things: the confidentiality of the information or content, the integrity of the information with regard to tampering, and the availability of the network itself. In more practical terms for IT and AV managers, security is the level of guarantee that sensitive information is only provided to those who need it and are entitled to it, that the information is valid and accurate, and that the network delivering it will not be interrupted.

When AV infrastructure was point-to-point, these concerns were significantly less important. The physical wiring itself created a closed system. Now, AV streams are more widely distributed and broadcast over IP networks. This means that AV systems are facing all the same security issues as the network, but the AV hardware is also creating new facets and challenges.

Dr. Phil Hippensteel, associate professor at Penn State University, Harrisburg, points out that “these AV devices use embedded operating systems on cards, rather than, for example, Windows on a hard drive. They can’t be treated the same as Windows machines or Mac’s. This puts more of the security burden on the equipment vendors.” That distinction may not mean that any individual device is more or less secure, but it is different than what IT teams typically deal with and needs specific attention.

Another aspect that makes dedicated AV hardware different is in the area of remote connection. “Device manufacturers will allow remote login to their devices, but ship them with default usernames and passwords,” Hippensteel added. “This leaves it to the integrator to change those login rites. Additionally, a secure login method must be allowable.”

The AV integrator is an important partner in building secure AV systems, but they are not the decision makers. “The AV integrator should not own the security decisions, as they don’t own the risk. Whomever owns the content is who owns the risk and therefore the decisions,” explained Paul Zielie, manager, enterprise solutions at Harman Professional. This is to say that the enterprise should be making the final decisions about how security will work. The AV integrator is a vital partner, and the security needs should be discussed with the integrator as early as possible. The integrator can plan for the needs and propose solutions that would be costlier and less successful if the conversation is taking place much later in the process.

Solutions will include procuring hardware that provides customizable rights access and secure connections, and likely VLANs. VLANs allow for network barriers that limit how many places a local area network can possible send information. “Going beyond that requires a router, and routers have tools to control where signals are going to go. This provides the opportunity for a layer of decision making,” said Zielie. “Requiring a positive decision that expands the routing of content means fewer chances of accidentally sending confidential information.”

These concerns are relatively new to the AV industry. With the exception of HDCP, which protects against the piracy of copyrighted content, there are no established norms or standards. This is not to say that AV systems cannot be made secure, but it increases the need for an active conversation between technology managers and integrators, as soon in to the process as possible. A collaborative and open approach conversation about what needs to be protected and how best to accomplish it will save time and money not only in the installation itself, but in the longer-term maintenance of the system. To learn more about networked AV security and how to securely manage a deployment, download The Workbook to Security and Networked AV.

AV Technology magazine's Technical Advisor, Justin O'Connor, has spent nearly 20 years as a product manager, bringing many hit products to the professional AV industry. He earned his Bachelor’s degree in Music Engineering Technology from the Frost School of Music at The University of Miami. Follow him at @JOCAudioPro.

Subscribe today for The Agile Control Room newsletter (distributed twice per month, every other Tuesday).