IT connected audio visual (AV) systems have become a de facto part of the technology make-up of many businesses. From large enterprises to agile start-ups, the ability to collaborate with geographically dispersed colleagues via data sharing, screen sharing, remote participation and video conferencing tools has become invaluable. With their increasing importance, the sophisticated AV technology upon which such services rely upon has become a prime target for hackers.
In short, every new AV device is a new endpoint that might be exploited by a hacker to grant access to the network. From zero-day vulnerabilities to human error, AV devices are no different to any other if they haven’t been properly secured.
As easy as Password123
While the threat landscape is comprised of numerous potential dangers for your business’ AV devices, there are some threats that are more commonplace than others. Default passwords are easily found in online manuals and provide an easy way in for hackers.
Malware poses a continuous and growing threat, accounting for up to 35% of security breaches and growing 70% year-on-year (according to Check Point Global Security Research 2015). IP theft has become a major issue, with hackers able to access any video or audio data associated with a hacked AV device, making it a popular way in to the network.
It’s an endpoint, stupid.
Companies with good cyber hygiene should find themselves in good stead when it comes to protecting their AV devices. AV device onboarding and patching should be approached in much the same way as it is for any endpoint device. It’s critical that AV device security falls under the IT team’s wider cyber security strategy.
If you can’t install endpoint security solutions on the AV devices themselves, so you should think about malware filtering in order to provide a minimum level of protection. This can then be supplemented by URL filtering and securing the Domain Name Server to protect data travelling to and from the device.
Analysing inbound and outbound traffic, to check for abnormal activity, can also be an effective tactic. Known as ‘intrusion prevention’, these systems can take immediate action when they encounter abnormalities, preventing attacks from taking place within seconds.
Divide and conquer
To set up the infrastructure in order to do this, you need to use network segmentation. Breaking the network into smaller groups of applications, limits the overall communication flow through your network, thus limiting the attack options. On the edges of the segments, you can implement security solutions to do the malware and traffic filtering as mentioned. Additionally, it also provides more insight into who can see what on the network, reducing the opportunity for human error.
Supplying the Security Substance
For those in the channel exclusively dedicated to the AV equipment space, knowing where to start with cyber security can be a daunting prospect. This is where distributors can play a major role through services such as providing cyber security consultancy or vendor certified technical and sales training.
Ultimately, AV device security needs to be approached with the same rigour as any other endpoint, with a focus on cyber security best practice such as changing default passwords and network segmentation. The benefits from AV technology are too great for businesses to allow these systems to be hijacked or disrupted by hackers.