Hacked. Data breach. Cyberattack. These words are getting more and more airtime. A look at recent headlines reveals corporations, K-12 schools, universities, healthcare organizations, and financial and government entities have all been victim of expensive cyberattacks. In fact, they’re at an all-time high, according to IBM’s recently released Cost of a Data Breach Report (opens in new tab). While the financial industry has received the lion’s share of attacks, the report found that healthcare data breaches are among the costliest, with a record-breaking price tag of $10.1 million, on average. Many breaches are shown to be a result of employee error, complicated technologies, and third-party vendor solutions that are bridged into the network. Now with the hybrid workplace and bring-your-own-device (BYOD) becoming the norm, it’s more likely the doorway will be left open to more prevalent attacks. The best defense is prioritization on specifying ultra-secure meeting room technology, namely wireless presentation systems.
For any organization looking to replace cables, the best wireless presentation systems (WPS) must be able to support existing and future technology, as well as make the displays in the room work harder. Features like touch-back control, and the ability to split a screen to share information from two presenters or more at the same time are critical to effective collaboration. With new 4K displays and the increased use of video – good video and high resolution are also a must. But for any company that has been subject to ransomware, data breaches, or handles sensitive information, the security functions of a system are often the most important part of evaluating any WPS.
VLANs can only provide basic protection and can be vulnerable to hackers looking to penetrate the system.
Let’s look closer at what’s happening in the hybrid workplace, meeting rooms, and why security is such an important consideration. Typically, employees aren’t coming into the office for the same work they can complete at home. Rather, their focus is to meet and collaborate with colleagues and conduct presentations in-person. That means that their time in the office is limited and they’re tasked with squeezing out every minute of productivity during that time. They can’t waste it setting up or troubleshooting complicated presentation technology. They need to be able to present from their device as quickly as possible without cables. That’s why more and more companies are adopting WPS.
A WPS has the benefit of allowing a user to present from their own device without plugging an HDMI cable into their device. There are many WPS options on the market, and not distinguishing between them is where security can fall apart. The most common systems use a custom software application to mirror the screen on a laptop or computer through the organization’s network. This hardware-free option has advantages in cost, but it can impact performance and security—more on that later. A second approach, and one that’s most popular for larger businesses and government organizations, is to use a hardware-based button that connects to a device and users simply tap it to present to the screen. These systems, however, have critically different architectures and interfaces when it comes to security.
While the app/network approach seems simple and clean since there are no buttons or hardware, it can create unanticipated security risks for IT. First, because these devices are connected to the network, hackers can exploit any vulnerabilities in the device either from in the room or via the internet. In fact, many of these systems have already been shown to have vulnerabilities that allow a hacker to gain control of the network—or shut it down. To protect against this, companies have become reliant upon and overly confident in expensive subscription programs to keep the system constantly upgraded. While these types of systems may be cheaper to buy, they can be much more expensive to own. For example, most app/network systems recommend setting up a VLAN to isolate the network from the main network to keep it more secure. Let's look closer at that.
VLANs can only provide basic protection and can be vulnerable to hackers looking to penetrate the system. For example, Rice University will not allow a wireless presentation to use the network due to this risk, especially after U.S. retailer Target had to notify over 40 million customers that their customer data was stolen in 2013. That attack was done by a hacker who accessed an air conditioning controller that was connected to one of the Target networks and then used it to bridge into the most sensitive data servers of the company.
Now let’s look at wireless presentation systems that use a combination of USB buttons and network connectivity to enable screen mirroring. USB ports have significant security risks. In fact, the Department of Defense restricts the use of USB—a ban that was issued after a virus was found to be spreading through military networks by copying itself from one removable drive to another. Here’s why: If a hacker can access the receiver connected to the display, then there is a risk that someone can access the presentation outside the room. The presenter has no idea that their presentation is being shared outside the room. It has been advised that customers using these systems secure access to the receiver to keep this from happening, which can be expensive and impractical—especially if it is mounted on a projector or the back of a display.
The third approach for button-based systems is using the HDMI port to connect to a device. Besides not having to connect to a network or load an app to make it work, it has the built-in advantages of high security. It’s certified against known threats that exploit both the network and USB button architectures. While it does require hardware, a button-based approach delivers the simplicity and speed required for meetings in the age of hybrid. Plus, it’s a main reason these types of buttons are used in meeting rooms at Toyota, the father of maximizing production efficiency.
But if the Target attack and subsequent high-profile attacks that have occurred since have taught organizations anything it’s that security demands a multi-layered approach. In addition to utilizing an HDMI technology, there are a few other technologies now available in these systems that lead the way in delivering the ultimate in security protection—protection that is strong enough to meet the rigorous requirements of financial and bank institutions.
Wi-Fi 6 and WPA3 Authentication
Wi-Fi is a common and comfortable word, thanks to the proliferation of the wireless technology in our homes and mobile devices. However, there’s a marked difference between the authentication and encryption found in our domain, which primarily uses WPA2 and is not appropriate for high-security network deployments, and Wi-Fi 6. Higher security Wi-Fi network deployments must be configured for WPA3 authentication, which—along with AES 128-bit security encryption — ensures that any intellectual property remains private and safe from tampering or unintended disclosure—guaranteeing that presentations are absolutely secure.
Common Criteria (CC), Evaluation Assurance Level EAL6 Augmented (EAL6+) Standards CC refers to the EAL, which has seven levels graded from EAL1 to EAL7. For any device connected to a network – such as a networked printer all the way up to a Cisco network switch, companies certify the security level of these products using the global EAL standard. For example, an enterprise-class router or firewall might have an EAL 4 level, while a bank card payment device might have a higher rating of an EAL 5 or 6. For wireless presentation systems, a solution tested and certified under the rigorous EAL6+ standard is the highest protection possible outside of being military grade. Why is common criteria EAL6+ certification critical? The data breaches the majority of companies have suffered from in the past years came from unsecured wireless devices like printers, scanners, mobile phones, or laptops connected to their Wi-Fi network since cyber-attacks aim at these devices as the weakest points to get “way in” to a business network. In addition to WPA3, financial services generally use EAL6 augmented (or EAL6+) security compliance in their payment systems to justify the additional costs spent when handling high value protected assets that are transmitted in high-risk situations.
Federal Information Processing Standards (FIPS)
State and federal government agencies are most likely familiar with FIPS. It’s the standard for handling sensitive data, such ensuring a private taxpayer return doesn’t get leaked onto the Internet as well as other sensitive private and government communications. Financial and healthcare institutions and other regulated industries are often required to use this standard. Currently there’s only one WPS on the market to meet the stringent requirements of this encryption standard, the BenQ WDC30, which ensures the wireless transmission is encrypted with an encryption key generated by the unit and a new encryption key is created every time it is used. It is the only wireless presentation system that can be used with sensitive government information. As such, it keeps millions of government employees from having to share a cable when presenting in sensitive environments.
As organizations look to deliver greater workplace agility that ensures a plug-and-play experience when presenting and collaborating, security is key. Until now, security and ease of use were mutually exclusive benefits in the presentation technology marketplace. Meeting rooms and other collaboration areas have traditionally relied upon expensive matrix systems that were complicated to use and severely limited. Users were chained to a cable that had to be passed among other presenters.
The WPS category introduced freedom, but some models do so at price. Systems reliant upon software, apps, and network logins allow users to present from anywhere, but they’re needlessly complicated. IT and tech staff have to download and configure software/app and users have to log into the network. As this article has shown, those are complicated and risky steps today. USB-based hardware buttons don’t completely eliminate those risks. The best bet as companies look to safeguard data, their network, and user devices in the era of the hybrid workplace is a hardware-based HDMI WPS built from the ground up to be certified in critical security standards in operation for organizations handling sensitive data. At the same time, users need to be equipped with tools that aid in meeting efficacy. Those tools include a tap-to-present meeting experience with no software or logins required, quad split screen to allow up to four attendees to share to the screen simultaneously, touch back control that grants presenters the ability to control the connected device directly from a compatible interactive screen, and clear, stable transmission of audio and video. Users don’t waste any time collaborating, and data and the network are completely safe.