Need to Know: Cybersecurity and AV - AvNetwork.com

Need to Know: Cybersecurity and AV

Author:
Publish date:

Now that AV is consistently placed on the network, it is paramount that installers, integrators, and end users take extra care to ensure these devices don’t create vulnerabilities in enterprises’ security. With AV innovations and confidential information on the same network, how do we ensure the performance of the former doesn’t compromise the integrity of the latter?

Find out more about cybersecurity.

First and foremost, AV professionals need to remember that network security is a large concern that should be considered at the earliest stages of system design. Private data—think employee social security numbers—is held on corporate servers, right alongside AV on the network. Not in an office? Those with technical skills and malicious intentions can create embarrassing situations for integrators and installers. Remember that time someone hacked a large touchscreen at Washington, DC’s Union Station and visitors were exposed to several minutes of adult videos in the middle of rush hour?

N2K-Cybersecurity_full_300_text

John Pescatore, director of emerging security trends at the SANS Institute, thinks AV pros should remember the basics: ensuring information AV systems are continuously updated and security controls are only accessible by authorized users. For sensitive systems, he cautioned, “authorized users should be required to use strong authentication, and not just reusable passwords.”

“Quite often, phishing attacks target system administrators and obtain their passwords—and the attackers are off to the races,” said Pescatore. “Strong authentication can be as simple as requiring receipt and entry of a text message in addition to a password, or require the use of a hardware token, like a USB key.”

A vital aspect of security is communication. All stakeholders should sit down together to discuss the goals of the AV systems, potential implications for security, and how the AV devices will be managed. Once devices are chosen, Pescatore says to “ensure manufacturers have a documented process for providing software updates, and make sure you have a process for rapidly installing the updates; generally, these should be installed in one week or less.”

Another workaround for AVoIP is to keep the products on an isolated network; Pescatore recommends using a firewall to provide only minimum access and to log all connections.

When it comes down to it, there’s no one-size-fits-all for network security. Integrators, IT professionals, and end users need to work together to determine what is the best solution for every single installation.

Find out more about cybersecurity.

Need to Know More?

Have a burning question about cybersecurity — or maybe request for a different topic you’d like to see us tackle? Email us at needtoknow@nbmedia.com and we’ll put our top minds on it!

More from Future on cybersecurity:

Related

Risky Business: Cybersecurity in AV promo image

Risky Business: Cybersecurity in AV

I already knew just from the feedback I received and audience engagement at the cybersecurity sessions at Symco’s Regional Roadshows in April that we hit on a really hot topic for AV professionals. When polling attendees, most cited very little knowledge of the topic, and they were eager to take the discussions further.

04_B_Transportation_NanoLumens_Pearson

Trends in Transportation AV

Gone are the days of humdrum waiting rooms at airports and bus and train stations. Now, you’re entering a new world catering to a travelers’ every need, and transportation hubs are using AV to make it happen.