Page 28

28 SPECIAL REPORT: CYBERSECURITY

January 2018

Ask the makers As we’ve seen, integrators need to make their systems as secure as is reasonably practicable. For the second part of this special report, we ask: what can manufacturers do – in terms of either design of products or provision of information – to help? Steve Montgomery reports

Key Points

I

n an age of ever-increasing security threats, the number of attempted and successful attempts to break into IT networks has never been greater. At the same time more devices are being connected to networks and users expect to be able to use them seamlessly, without having to go through rigorous security procedures and set-ups in order to make them work. This puts IT and AV system integrators and administrators in a quandary: how can they ensure simple and widespread access to controlled and uncontrolled devices, while ensuring total security from external – and in some cases internal – threats? Part of that strategy is aided by the range of security measures and procedures integral to the AV devices used; and those are the responsibility of the equipment manufacturers. No network-based system can be totally secure, no matter what level of security is included, and this is compounded by the ongoing demand from users to add devices, including uncontrolled personal ones, together with the need to access the outside world through internet browsers and email connections. However heightened security measures increase cost and complexity and reduce user convenience. “With any kind of security system, IT or otherwise, the main issue being discussed is a balance between what could happen: the hazard, against risk: the chance that

something might happen, weighed against the cost to prevent or mitigate that risk,” says Chris Fitzsimmons, product manager, video products, Biamp Systems. “There is never a black and white answer, just increasing levels of confidence in a system based on the steps taken to mitigate high-value items.” With the increasing sophistication of AV devices and the associated network connectivity, AV systems must include comprehensive security procedures to reduce the risk of cyber attack from both external and internal sources. Terry Galvin, managing director of Indigo IT, explains the implications: “AV devices are no different from any other device or IP-based equipment on a network, in that the network manager has to control the environment’s security and ensure that compliance to the networks security policy is met.” Ensuring system security is not a one-time operation, but a continuous process that starts during planning and continues for the lifetime of the devices or system. Says Fitzsimmons: “Before customers even talk to a manufacturer, they should have a clear understanding of what they are trying to avoid or prevent. There is no such thing as a perfect security solution. In fact, security risks are a moving target, and what is safe today will not be safe tomorrow. Security policies and mitigation strategies should be viewed as an

„ No network-based AV or IT system can be totally secure „ Threats and challenges to systems change in time, and counter-measures need to be constantly updated „ Manufacturers can aid integrators by collaborating and discussing three main areas of concern: network access security, product access limitations and data encryption „ Integrators should engage in dialogue with manufacturers to satisfy themselves that their systems are sufficiently robust against cyberattacks ongoing effort, not a ‘one and done’ approach. Strategies need to be continuously re-assessed in the face of new information. This requires continuous dialogue with the manufacturer and a commitment in response that they will support this ongoing effort.”

Three areas There are essentially three main areas of security that should be considered by all AV system integrators planning to install complex, network-based systems. Each of these can be addressed in conjunction with device manufacturers to check their adherence

Installation January 2018 Digital Edition  
Installation January 2018 Digital Edition  

AV integration in a networked world