PxPixel
Need to Know: Cybersecurity and AV - AvNetwork.com

Need to Know: Cybersecurity and AV

Author:
Publish date:

Now that AV is consistently placed on the network, it is paramount that installers, integrators, and end users take extra care to ensure these devices don’t create vulnerabilities in enterprises’ security. With AV innovations and confidential information on the same network, how do we ensure the performance of the former doesn’t compromise the integrity of the latter?

Find out more about cybersecurity.

First and foremost, AV professionals need to remember that network security is a large concern that should be considered at the earliest stages of system design. Private data—think employee social security numbers—is held on corporate servers, right alongside AV on the network. Not in an office? Those with technical skills and malicious intentions can create embarrassing situations for integrators and installers. Remember that time someone hacked a large touchscreen at Washington, DC’s Union Station and visitors were exposed to several minutes of adult videos in the middle of rush hour?

N2K-Cybersecurity_full_300_text

John Pescatore, director of emerging security trends at the SANS Institute, thinks AV pros should remember the basics: ensuring information AV systems are continuously updated and security controls are only accessible by authorized users. For sensitive systems, he cautioned, “authorized users should be required to use strong authentication, and not just reusable passwords.”

“Quite often, phishing attacks target system administrators and obtain their passwords—and the attackers are off to the races,” said Pescatore. “Strong authentication can be as simple as requiring receipt and entry of a text message in addition to a password, or require the use of a hardware token, like a USB key.”

A vital aspect of security is communication. All stakeholders should sit down together to discuss the goals of the AV systems, potential implications for security, and how the AV devices will be managed. Once devices are chosen, Pescatore says to “ensure manufacturers have a documented process for providing software updates, and make sure you have a process for rapidly installing the updates; generally, these should be installed in one week or less.”

Another workaround for AVoIP is to keep the products on an isolated network; Pescatore recommends using a firewall to provide only minimum access and to log all connections.

When it comes down to it, there’s no one-size-fits-all for network security. Integrators, IT professionals, and end users need to work together to determine what is the best solution for every single installation.

Find out more about cybersecurity.

Need to Know More?

Have a burning question about cybersecurity — or maybe request for a different topic you’d like to see us tackle? Email us at needtoknow@nbmedia.com and we’ll put our top minds on it!

More from Future on cybersecurity:

Related

Risky Business: Cybersecurity in AV promo image

Risky Business: Cybersecurity in AV

I already knew just from the feedback I received and audience engagement at the cybersecurity sessions at Symco’s Regional Roadshows in April that we hit on a really hot topic for AV professionals. When polling attendees, most cited very little knowledge of the topic, and they were eager to take the discussions further.

04_B_Transportation_NanoLumens_Pearson

Trends in Transportation AV

Gone are the days of humdrum waiting rooms at airports and bus and train stations. Now, you’re entering a new world catering to a travelers’ every need, and transportation hubs are using AV to make it happen.

Filling Your Staffing Needs With AV Freelancers promo image

Filling Your Staffing Needs With AV Freelancers

Second only to securing lucrative projects is the quest for skilled, reliable AV labor, with many integrators turning to freelance staffing services for the help they need. As companies seek out both long- and short-term help, what are some things they should consider, and how can they be sure they get the most reliable employees?

Image placeholder title

What You Need to Know About AVnu Alliance’s AVB Certification Program

Heading up the implementation of AVnu certification testing is Bob Noseworthy, chief engineer and manager of the AVnu Consortium at the University of New Hampshire InterOperability Lab (UNH-IOL), the third-party laboratory whose other distinguished clients have included OpenFabrics Alliance and Wi-Fi Alliance. As Noseworthy explained to SCN, the rigorous AVB scheme has been developed to assure end-users that certified bridges are compliant with every aspect of the relevant IEEE standards.