It’s Monday morning. You’re standing in the incredibly impressive foyer of your headquarters with other members of your management team, waiting to welcome your biggest customer’s audit team for their annual inspection. Behind you, the state of the art video wall that you installed at substantial expense proclaims: “Acme Finance International welcomes Buston and Hodges”. But, as the customer team walks through your door, the video wall suddenly starts showing what one might call ‘scenes of a sexually explicit nature’.
Couldn’t happen? Well, yes it could. It happened at Union Station in Washington DC in May last year, when digital signage screens started showing PornHub videos. Recall, of course, that digital signage is not the unique preserve of out-of-home and retail: few major organisations do not have their own internal networks.
In another incident at a Burger King in Southgate, Michigan in February, the fast food outlet’s in-house digital signage started playing what was described as a “graphic sex scene”. A father who was there with his two sons at the time reported the matter to the police. However, according to reports, “another man allegedly watched with interest”.
“Failure to take necessary security precautions leaves digital signage networks, for lack of a better term, exposed,” notes Jeff Hastings, CEO of BrightSign, alluding to the stories noted above. “Most digital signage is now connected to pull real-time content, or for the purpose of remote network management. Internet connectivity leaves signage networks vulnerable, and software is the only deterrent that stands in the way of hackers. Unauthorised access of signage networks happens more frequently than you may think – and certainly more frequently than is reported in the media.”
Wolfgang Haunschild, product marketing manager, NEC Display Solutions Europe, agrees.
“For me, the most crucial aspect in AV security is to maintain full control over the AV system,” he says. “It has to ensure that no one can access information from internal communication systems like video conferencing or network connected boardroom displays which might include critical company data. It must also ensure that, for digital signage applications, an intrusion into the signage network from external parties is prohibited, otherwise system attacks might take over the signage system and play out different or even harmful content.”
No-one encourages this kind of security breach, do they? Or do they?
“Recently, I was in a government facility where digital signage was being used in a lobby area,” remembers Rainer Stiehl, vice president of marketing for Europe at Extron. “The wall-mounted display had a small Windows computer behind it that was running the signage. Unfortunately, the PC had a label on it that listed the device IP address, MAC address, gateway address and username/password. This practice likely makes it very easy for a technician to service the device, but it makes little sense from any security perspective.”
In any discussion of the security of AV systems, it’s inevitable that the majority of the focus falls on cyber-security and the potential for problems to arise from, or compromise, any network-connected device. It’s all too easy to overlook physical security.
“Effective security policy takes a tremendous amount of planning and coordination,” says Stiehl. “Often, that policy is heavily biased towards using information security tools to protect property and information access. Physical access to devices is by far the most expedient path to a compromise, since nearly every AV device is connected to the network.”
Preventing unauthorised access to equipment is certainly one way of minimising the threat of worms, Trojans, rootkits, keyloggers, spyware, ransomware and so on – but it has other benefits.
“We were asked to provide streaming services for an important seminar at a high profile university,” recalls Chris Rawden, head of the communications and collaboration team at UK integrator Saville. “Having established there were suitable wall mounted cameras and lectern-mounted microphones already installed, the team arrived to set-up on the day for the show – only to find no cameras and no microphones. The assumption that the cameras were safe because they were located high up on the walls of the lecture theatre, and therefore did not require security brackets, proved erroneous, and the assumption was that the installed microphones in the lectern were of no use to any one and therefore never locked away when the room was empty. Saving money on install costs by not specifying anti-theft brackets proved very expensive in this case. Luckily the show went ahead as the team had brought extras as a precaution.”
Even lowly remote controls can have a habit of ‘walking’, Rawden notes. “If someone decides to ‘borrow’ it, how do you turn your expensive AV system on just before the board meeting?” he asks. “How valuable is that remote now?”
And if it’s clear that you shouldn’t stick potentially security-compromising information on the side of a PC, or ensure that easily-stealable equipment is secured, there are other considerations that should be no less obvious.
“Any password is better than the default one used to initially set up a device. Have a password policy that requires that level of accountability as a minimum”
“Users that don’t take the time to modify the default passwords associated with the system put the system at risk,” says Art Weeks, IP product manager at ZeeVee. “Changing passwords doesn’t guarantee that someone can’t access the control system for the AV over IP deployment, but it’s certainly better than leaving the easily guessed defaults.”
“Customers must change the default passwords in devices,” agrees Stiehl. “Any password is better than the default one used to initially set up a device. Have a password policy that requires that level of accountability as a minimum.”
And then there’s the question of prying eyes.
“Residual presentation or collaborative material – for example images, spreadsheets and presentations – left on screens or stored locally should also be of concern,” believes Andrew Hug, vice president, systems engineers, EMEA and APAC at Polycom. “There’s also, during presentations, the concern of restricting and/or controlling viewing beyond the current meeting room.”
Beyond that, there’s the whole issue with the BYOD phenomenon.
“Security breaches can occur due to anything – from room visitors to remote participants’ choice of connecting devices,” adds Hug.
“A widespread assumption is that it is OK to connect external devices such as user laptops to a network ad hoc”
“Organisations are increasingly interested in solutions that enable wireless content sharing between devices and AV hardware,” points out Guillaume Oliveira, pre-sales engineer at Sony. “This increase in demand for sharing content with connected devices poses security risks. Now that AV solutions are being connected to IT systems, it’s time to see additional checks to ensure content is encrypted and there is no risk of network folders being breached.”
Rawden adds: “A widespread assumption is that it is OK to connect external devices such as user laptops to a network ad hoc. This is usually down to a lack of understanding to define and fully understand the implications of network connected devices. Without a thorough understanding of the OSI model, it can be extremely easy to compromise the security of a network in blind ignorance.”
Securing an AV installation is, indeed, a multi-faceted challenge. For Rawden, job one is to try to eliminate mistakes.
“Often, a breach in network security can be traced back to human error,” he believes. “Forgetting to update security protocols, or adding a piece of equipment without thinking the implications through thoroughly. Too many users have systems that do not cater for auto updates, usually through an unfounded fear of the system suddenly stopping working. Then there are those who do not have regular maintenance and reviews scheduled. As an integrator, it’s our job to ensure that, where possible, clients are made fully aware of the benefits of regular or automatic updating of equipment security settings.”
“This may sound cliché or obvious, but the weakest link when it comes to security is simply the lack of either education or diligence”
Jason Fitzgerald, product manager at Gefen, develops the theme.
“This may sound cliché or obvious, but the weakest link when it comes to security is simply the lack of either education or diligence,” he says. “Each installation is faced with its own unique set of challenges, but as the convergence of AV/IT progresses, there must be an understanding on both the AV and IT side of the potential risks that are involved with the merging of these two.”
“AV signal management has largely resided in a physical realm where video and audio signals have traditionally enjoyed transport over proprietary and closed systems/devices,” he continues. “The IT world has had to deal with both physical and virtual forms of data that can exist in closed or externally-facing capacities. As these two forces meet, especially in the light of the AV over IP revolution taking place, all facets of how the physical aspects of AV interact with the IT world need to be understood with the appropriate level of security measures taken.”
That leads to the question of taking advantage of the security facilities available within the underlying operating system. Here, there is some variation in opinion. NEC’s Haunschild is a believer in the prevalent industry standards.
“We recommend using the professional security features that are available for common operating systems,” he says. “Compared to proprietary operating systems that are also available on the market, common operating systems provide patches to prevent any breaches of security. For Windows-based PCs or slot-in PCs for example, all company-owned equipment must be part of a company-wide safety structure with the company’s specific Windows IT client installed to get maximum control over all kinds of security, patches, rights management and software distribution.”
“Similarly for Linux-based PCs or slot-in PCs,” he goes on. “Use Ubuntu for the Linux operating system. For the Raspberry Pi Compute Module, we recommend using Ubuntu for the NEC Edition of the Raspberry Pi to ensure maximum security.”
BrightSign’s Hastings has an alternative position.
“All too often, standard consumer operating systems such as Android, Mac OS, Windows and Chrome are used to drive signage networks,” he notes. “And while consumer operating systems solutions are easy to implement and feature-rich, they are notoriously difficult to protect. These operating systems are constantly updated as their publishers add new functionality and bug fixes. Each of these updates creates a new potential backdoor for hackers to exploit to gain access to the network. So, unless network administrators and software vendors are constantly looking for and shutting down these backdoors as they’re created, hackers will find a way in.”
“Hardware and software created with the sole purpose of powering digital signage has a significant advantage over consumer-oriented operating system solutions,” he adds. “Proprietary operating systems that are built solely for digital signage far surpass consumer-oriented operating systems in their approach to security. Beyond that, purpose-designed software is also not generally available on the open market for hackers to study.”
What other advice does the industry have? Hug is clear on how to begin.
“Businesses need to clearly outline and define the applicable legal constraints and data requirements,” he says. “This can differ between industries. For example, an educational institution will operate very differently than a medical institution and so on. Developing the right security blueprint and following it diligently will ensure that for businesses” adds Oliveira, “as this allows you to immediately identify issues and take action to solve them.”
“Ensure you take the time to design for least privilege and get the applications working with security turned on, not get everything working without security and plan to turn it on later,” Weeks advises. “Later never ends up coming, and by then the system has grown so huge that the pain to secure it is many times bigger.”
“In an AV over IP system, I’d recommend keeping the video traffic private from the main network,” he adds. “This can be done as simply as adding a new VLAN for the AV equipment. Many customers create a dedicated AV network that is physically disconnected from the main network.”
Gefen’s Fitzgerald offers some compelling counsel.
“The most important thing is to plan and discuss,” he believes. “In the converging world of AV and IT, discussions on what, how, and where AV is intended to coexist within an IT network are a requirement. In an installation where existing expertise on network topology exists in the form of IT personnel, leveraging and consulting with that expertise will result in ease of installation, ease of operation, and addressing of security concerns. Even in cases where standalone systems are being installed from the ground up, it is almost impossible to ignore the use of networking for control and management of a system.”
For any organisation, designing and implementing appropriate security measures to ensure the integrity of its network and data involves some degree of compromise along a continuum that stretches from ultimate ease of access for all at one end to total security at the other. That becomes increasingly difficult to to call in a collaborative world in which not all users of the system will be the organisation’s employees.
“The consequence of heightened security is, of course, its impact on use, with complicated VPN and logon scenarios driving a wedge between security versus practicality,” says Saville’s Rawden.
“There are always trade-offs,” notes Stiehl. “Decision-makers routinely balance the functional needs of AV devices with the network security policies of the organisation. Having a strong policy, core values and procedures will help ensure that standards are met. Managing and mitigating risk always has an impact on accessibility.”
“There is always a trade-off between security, accessibility and ease-of-use,” echoes Hug. “A clear example of this is visitor presentation functionality – where non-staff members are allowed access to display or share content. The question organisations should ask is: how easy is it for visitors to use their own devices to share information with the audience?”
“The IT team will usually ensure work to ensure devices belonging to employees and staff are correctly updated and securely connected in line with the organisation’s security policies,” points out Sony’s Oliveira. “However, visitors will potentially have a trickier user experience when connecting to AV installations. It really depends how the network and IT architecture is set up. User adoption is a major part of the success of any network and anything that stands in the way of that will have a significant impact on take-up and ultimately productivity,” returns Rawden. “This applies to the hardware as well. Make it difficult for people to use and they won’t. It’s that simple.”
Opportunities and challenges
The increasing networkability of AV solutions, in parallel with the growing convergence between IT and AV, is undoubtedly creating significant opportunities – but also important challenges. Security, and especially cybersecurity, is unquestionably one of them. Presentations have always been potentially visible to unauthorised eyes, and AV equipment has long been susceptible to disappearing in unexplained circumstances. It is, though, imperative that, with the focus on network and data security, the basics are not overlooked.
But when it comes to the newer challenges, the good news is that AV professionals can – and should – leverage the wealth of experience and expertise that IT organisations, together with vendors and integrators, can bring to the table, such that an unfortunate repetition of those graphic scenes in Washington on Monday 15 May 2017 become substantially less likely.