Is network security a concern with A/V technology?

Network security is a concern for any devices visible on the network, and that includes A/V technology, which is why certified A/V integrators should be consulted. A/V equipment manufactured by reputable brands and implemented by a reputable integrator will come fortified against intrusion, but more can be done. It is critical that your organization, business or school partner with an experienced A/V integrator, as these experts are familiar with how A/V technology is attacked by hackers and other threats. This knowledge is valuable in setting up an A/V system for maximum protection, but the continued defense of the system will largely fall on your IT personnel or A/V partner.

What threats does an A/V system face from intruders?

A/V equipment is a favorite target of intrusion as it can be used to disrupt and embarrass educators or presenters or used to compromise other network devices. Because A/V technology gone rogue can generate bad press and attract a lot of unwanted attention, integrators and IT personnel must also consider threats from the inside. Even a curious student or the resident jokester may find hacking into an A/V system a worthy goal.

What, specifically, can hackers and intruders do to A/V technology once they are inside?

• Discreetly and anonymously join conferencing sessions, including video conferencing sessions.
• Take command of system components, including cameras, microphones, speakers and anything else that might be used to disrupt a meeting or class.
• Record video and audio during a conferencing session, in a way that won’t attract notice from those involved in the meeting or class.
• Begin a conferencing session while the system is not in use. This can be done to eavesdrop on people in the vicinity.
• Run video or audio on displays and video walls. This is often done by someone looking to embarrass the organization or attract notoriety for themselves.
• Access room controls, such as volume and lighting levels.
• Alter the system’s configuration so that other features and components become visible or vulnerable to further attack.
• Send malicious code to the system in an attempt to execute a denial of service, or DoS, attack. DoS attacks can be piled on top of each other rapidly, making this a particularly painful form of intrusion.
• Punch a hole in the network’s security so that other network devices and systems can be reached and compromised.

As bad as that list is, hackers are always developing new tools to maximize their disruptive capacity when compromising a network. If a network is poorly guarded, there is almost no limit to the damage an intruder can do once they get inside.

How do network security and A/V technology come together?

Proper network security is instrumental in avoiding an attack. This makes for an interesting challenge because A/V and IT have long existed in separate silos, though this is changing quickly. Today’s A/V systems are fully integrated into existing networks, so they must be configured to the network and be part of the IT’s security plan. No longer does A/V technology exist on its own island – it must be incorporated into the organization’s larger network security protocol or it may soon be compromised.

There are several levels to this. One is enforcing certain behaviors on the user’s end. Another is choosing the right A/V technologies for the organization. Finally, any integrated A/V technology must be configured so that it is airtight on the backend.

Here’s several ways to fortify A/V equipment and the network it relies on:

1. Physically secure all A/V components – Before any A/V technology is integrated into the space, there must be a plan to physically secure it when it is not in use. As attacks can originate from within as well, exposed system components represent an imminent security threat. Lock away anything not in use behind secure doors and inside secure cabinets if the component will fit.

IT personnel don’t need to be told that physical security is important, but some A/V components are often overlooked when implementing security measures. For example, control panels are frequently exposed at all times. That’s a windfall for a would-be hacker. For this reason, A/V integrators recommend their clients choose control panels and touchscreens designed for A/V use. General use tablets are large and aren’t easily integrated into the room, which means they are harder to physically secure. In fact, businesses and universities often leave such tablets just lying around, begging to be stolen. Stick with A/V-ready control panels and you’ll have something that can be locked away in a drawer or cabinet.

2. Monitor A/V system performance at all times – IT has long relied on monitoring software to ensure their devices are functioning like they should. Changes in performance, unusual spikes in activity and operation during times when the system should be off are signs that something malicious is going on.

Fortunately, the A/V industry now recognizes the utility of monitoring software, and there are several options to choose from. These tend to be proprietary to the equipment manufacturer, which offers an extra security advantage, as hackers will likely be less familiar with manufacturer-specific software. However, without knowledge of A/V, it will be difficult to pick monitoring software that provides the ideal solution for an existing system and organization. An A/V integrator is a valuable ally for selecting appropriate A/V monitoring software, as they will have deep knowledge of all available software options.

3. Enforce stronger user controls – Anyone who will access the network must have a secure user profile that is given only limited permissions. Only IT and A/V personnel should have access to the system’s configuration options, as problems can arise even when someone is innocently changing system settings to get better performance.

In addition to blocking most users from accessing the system’s settings, consider more than just a simple password approach to security. While repeatable passwords are convenient and familiar to users, they are vulnerable to phishing attempts. If a hacker gets someone’s password, they can do a lot of damage while remaining off the radar for a while. Instead, implement a stronger authentication measure, like requiring users to confirm a code received via text message, or handing out hardware tokens, such as a USB key. These authentication measures act like a moving target to potential intruders.

4. Shield the network from the outside world – The IT world has a plethora of security tools at their disposal, and these tools should also be used to secure A/V equipment from outside intrusion. This includes configuring the system so that it is protected behind a firewall, using in-system programming or relying on virtual LANs. Also, the system’s master controller will be better protected if it is not running a basic operating system like UNIX or Windows. While these operating systems may be familiar and easy to use for most, they are also the most vulnerable to malicious code.

Don’t forget to change the system’s defaults, either, particularly for conferencing technology. Seasoned hackers know what the default security configuration looks like for many A/V brands and will use that knowledge to gain immediate access into any system that is relying on factory settings. Of course, an A/V integrator will not leave default security in place, which is another advantage of working with an expert.

Though A/V and IT may have developed in separate silos, they are now reliant on each other in building tight network security. If you want to keep you’re a/V system as secure as possible, you’ll need insight from certified A/V integrators and your IT personnel to make it happen.