Having previously revealed the industry’s response to the latest security concerns from end users, before looking at approach needed to be successful in this IT-centric landscape. Ian McMurray rounds out this feature by considering the balance that’s necessary between security and ease of use.
The challenge for end users, and the integrators who advise them, is, of course, how to balance maximum security with optimum accessibility and usability? A measure as simple as access control via a user name and multi-stage authentication – sending a code to a prospective users’ mobile phone, for example – can be tedious and frustrating.
“While discussing security and convenience, we typically find that the more secure you are, the less convenient your solution is,” notes Crestron’s Toine C Leerentveld. “As a manufacturer, it is our job to find the right balance between the two while providing our customers with a secure and user-friendly experience. One of our goals at Crestron is to make sure that our devices do not compromise usability while integrating the level of security that our customers need. Using our Security Audit Tool and Crestron XiO Cloud, integrators can easily deploy devices in a very secure and IT-friendly manner without impacting the end-user’s accessibility.”
And, as ever, there is no ‘one size fits all’ solution: much, as always, depends on the application, as AVMI’s Stuart Davidson notes.
“We must always consider the intended use of the solution or system, and the risk that a breach of security of that system might introduce to other areas,” he says. “If there is no- or low risk of a sensitive data breach or impact to unintended services, then security measures can be relaxed – and naturally, this will often lead to a reduction in complexity.”
A key consideration for many organisations is the provision of guest usage of the network. Visitors need to be made to feel welcome – and where, in the past, the offer of a cup of coffee would mostly suffice, today it is generally the case that that also means providing access to the network.
“Guest networks are very popular today,” notes Leerentveld. “For example, every time you visit a company, they either offer you a temporary code or you have to provide an email address, and a sponsor then has to approve your access. Allowing visitors and guests to plug devices into Ethernet jacks to access the corporate network is a security risk. At Crestron, we make sure that guests have their own LAN separate from the corporate LAN to reduce the risk of unauthorised users accessing the network.”
Segregation
“The ability for guests to be able to integrate their own devices with corporate AV has been a challenge for a long time in the AV industry,” adds Davidson. “IT tends to segregate employee networks from guest networks – which creates challenges when users of both want to share content wirelessly in a presentation. Devices often do not sit on both networks, and IT can be wary of devices that do.”
“Usually, users on the corporate and guest networks each have access to the internet,” Davidson goes on, “and we’re seeing cloud-based bridging technologies being used very successfully to simply and securely bring them together.”
And speaking of the cloud… Looking to the future of security in AV systems and installations, it seems the cloud is not going to make life any easier.
“The trend is getting devices connected to the cloud for remote access and management,” says David Martens of Barco. “The IP-ification of the AV industry is now accelerating into connecting the equipment to cloud services – which, of course, significantly increases the cybersecurity risks related to those deployments.”
Not becoming simpler
It is, then, the changing landscape that represents as much of a problem for the industry as the continuing emergence of new threats.
“Well-known threats are easy to defend against; protecting your network against unknown threats is challenging,” says Crestron’s Leerentveld. “As a manufacturer, it is our job to be aware of these threats and have a resolution for them as quickly as possible. At Crestron, we frequently review any new threats that are discovered, analyse our product line up to see what products are affected by them – and then we publish ways for our customers to mitigate these threats.”
Identifying and planning for security threats in an AV installation, and implementing appropriate counter-measures has, perhaps, become the highest priority for everyone involved throughout the value chain.
CDEC’s Spiros Andreou is clear on the role of the integrator.
“AV systems are seen as a particularly soft target and, as integrators, we understand the trust that our customers place in us,” he says. “We consider AV security to begin with us – screening, certifying and training our staff to recognise social engineering, understand good data handling and support our compliance functions.”
Barco’s Martens puts it succinctly.
“All the trends in the market show,” he summarises, “that both on the AV vendor product development side and on the installer/integrator deployment side, security will become vitally important to stay in the market as a trusted partner.”
www.avmi.co.uk
www.barco.com
www.cdec.co.uk
www.crestron.com
