Opinion: the security risks of AV11 August 2017
As AV solutions continue to evolve, so too does the threat from hacking, says Joel Chimoindes, managing director at digital signage solutions provider BetaDMS.
The integration of AV and IT systems has created many security concerns for companies driving the benefits of business-wide collaboration to employees. In our everyday life, hacking and cyber-attacks have become a constant threat, and one that the industry needs to take seriously.
Well-implemented AV/IT solutions deliver seamless instant access to data and collaboration, but poorly installed systems will make for a terrible user experience and could create a serious security threat. Within many organisations, AV equipment is placed where presenting and sharing involves additional technology or third-party solutions. It is now common practice that guest access to WiFi networks is secure, but connections to AV equipment are less protected. In fact, where older AV systems relied on connectors and cables, more modern equipment uses wireless technology opening up security holes if not properly secured.
This isn’t just a ‘corporate organisation’ problem. Whether you’re a SMB, corporate, enterprise or public sector organisation, IT security is a clear risk.
Systems must comply
Nowadays, AV installations must comply with the same set of rules that are more associated with IT integrations. Equipment needs to embrace standards to ensure maximum connectivity, be easily monitored and maintained.
In the boardroom, AV equipment offers users the functionality to seamlessly share their data with others, local or remote – no matter what the device. If the devices are connected to a local network to share the information, then security of both the device and network need to be carefully considered, including having the right levels of user access control in place.
Digital signage devices are becoming far more sophisticated, with their own built-in operating systems delivering a much better return on investment and functionality. However, the increased capabilities come with increased risks and if a device has its own operating system, it can be hacked. How many AV devices that you’ve connected to a network still have the standard manufacturer username and password for instance? One vendor says as many as 60%!
Traditionally, facilities and office managers have been responsible for AV installations with very little involvement from the IT department. But as AV equipment becomes more sophisticated, it needs to be considered as an IT function due to installations sitting on a fixed or wireless network.
IT managers are now becoming more responsible for AV systems. Logins and guest access codes should all be treated in the same rigorous manner as IT security systems.
AV professionals now need to be aware of customers’ security policies before taking on any project. Both existing policies and processes need to be taken into consideration and an assessment of the current threat needs to be considered. To do this successfully requires co-operation and integration between those involved in AV and IT.
Successfully selling AV is therefore no longer a simple product sale. The integration of AV and IT has led to the rise of solutions looking and acting more like IT systems. AV equipment needs to be seamlessly networked within the IT infrastructure, monitored in real time and deployed with a high level of security. This clearly requires a greater depth of knowledge and partners that can deliver that. And part of that knowledge is the communication to the customer – the ability to talk to the IT departments in their own language.
As an industry we need to be more mindful of these facts. It will only take a couple of well-publicised AV equipment hacks for customers to panic about their current solutions. By auditing existing implementations and conforming to IT security practices for new installations, we will ultimately deliver a better user experience and allow our industry to continue to flourish.
Time to check those passwords…