How maintaining network and data security can help you take full advantage of AV-over-IP
In the past, audiovisual systems were typically contained within an isolated network. Today, countless devices connect to and communicate over IP networks to enable the exchange of data — including audio and video — in a wide array of applications. Highly interconnectable, scalable, and user friendly, AV over IP comes with many advantages, but it also can present an increased potential for security breaches. To make full use of the benefits of AV-over-IP systems, follow these seven best practices for AV-over-IP security.
1. Educate Staff
Thoroughly educate staff on how to use your network equipment. Without a thorough introduction to the AV-over-IP network there exists a greater chance of inadvertently creating issues that could lead to damage or outages and resulting downtime.
2. Encrypt Your Data
This best practice is short and sweet: Encrypt all of your data using SSL/TLS. Supporting data privacy, integrity, and authentication, encryption should ensure that communications between any two known “peers” remain secure.
3. Secure Your Devices
Ensure your devices are properly locked down with no open ports — such as VNC, SSH, TeamViewer or internal services — that could be exploited by hackers. Limit physical ports via your management platform to help prevent unauthorized access via USB or other hardware devices. Back-rack critical equipment, through AV/KVM extension systems, and use lockable cables to physically secure devices. Act quickly if a device vendor announces a vulnerability and apply appropriate patches immediately to close potential hackers' window of opportunity.
4. Choose Secure Credentials
Change default credentials and update passwords regularly. Never leave the default password on a new system or device unchanged. Use strong passwords and take steps to encourage staff members to do so as well. You've heard it before, but it's worth repeating: Strong passwords should have at least eight characters, including numerals, punctuation marks, and a combination of uppercase and lowercase letters.
5. Segment Your Network
A dedicated AV network (with a separate power source) can bring an added level of security to mission- critical display systems. With out-of-band (OOB) management capabilities, you can maintain access and control even if the primary data network goes down. You can also deploy a software-based site-to-site virtual private network (VPN) and use its dedicated connections and encryption protocols to securely display content on one or many displays from a single location.
6. Customize Your Approach
Consider how sensitive the data is and whether remote access is worth the added security risk and/or precautions necessary to protect that data.
7. Proactively Monitor for Threats
The combination of intrusion detection system and deep package inspection can help you identify unusual traffic on your AV-over-IP network. Together these systems can monitor various types of activity and automatically provide real-time alerts and alarms in the event of irregularities or attempts at network infiltration.
Security is largely a matter of common sense, backed up by best practices. Use these seven suggestions for securing your network and devices so that you can focus on the benefits of AV over IP.
To learn more about effective actions to secure your AV-over-IP system, download our free white paper AV-over-IP Security: Best Practices to Protect Your Network, Organization and the People You Serve.