Consumerisation and collaboration have brought many positive changes to the enterprise. Employees can now bring and use the devices they prefer and through social media, all have become used to sharing and communicating more with friends, and colleagues.
However, these changes also bring security risks - just who and what have you got connected to the network? If it was simply a matter of traditional IT products and regular employees, that would be complicated enough, but now all manner of smart devices, including an array of audio-visual, display and collaboration technologies, and itinerant visitors are connected.
Technology is not only pervasive in working environments, but also an integral element of our home lives as consumers. Widespread use can breed complacency, so organisations need to ensure they have the tools, systems and processes in place so that technology can be used safely and securely in the workplace.
In many organisations, cloud-based services are simple to buy to extend a project without bothering IT. Employees too are used to bringing or wearing their own devices. This trend towards ‘shadow IT’ and BYOD (Bring Your Own Device) has few technical boundaries. So, when a meeting room screen needs to be connected or a video feed is required, it is equally straightforward to deploy consumer AV devices or services.
This ‘BYOAV’ (Bring Your Own AV) might seem innocuous, but AV technology, consumer and enterprise, has followed the same trends as many other technologies - cost reduced (so easily affordable), network ready, often wirelessly (so always accessible), and open (so should be interoperable). But it brings with it often invisible, security issues.
What is worse is that AV equipment is frequently placed in locations where presenting and sharing involves third parties, either as recipients or co-presenters. Guest access to Wi-Fi networks is expected too and this should be secured or at least managed in some way, but, invariably, connections to AV equipment are more lax. Older systems may still rely on VGA connectors and cables, but sophisticated AV installations and the low-cost consumer options are increasingly wireless. Even if they include security, the chances are very high that it will be different to devices from other manufacturers in other rooms and different to what is in place elsewhere in enterprise IT.
AV also needs to be considered as part of an overall enterprise security. Decades ago, some companies worried about the ability for snoopers to be able to pick up the signals from monitors from a car parked outside of offices. Today, poorly protected wireless devices and networks pose a risk, but so too do big bright screens that can be photographed surreptitiously by mobile devices.
Both snooping on audio-visual technology by visual means and via an unprotected wireless network constitute security risks. Equally, high risk is the way that users - employees and third parties - authenticate to use or access AV systems. Dial-in codes, logins and guest access should all be treated in the same rigorous way as any other IT security. As it becomes increasingly simple to seamlessly share content electronically, so it has to be managed.
Security should be achieved through a combination of polices and processes as well as tools, but the first step is to understand the scale of the problem. This requires co-operation and integration between those involved in AV and IT. It starts with better understanding of the current capabilities of products available, their capabilities and limitations and the direction of innovation.
The AV industry is evolving rapidly, enabling businesses and organisations to be more dynamic, productive and efficient. With large display technology becoming much more affordable, screens are popping up everywhere - ad hoc meeting spaces, huddle rooms as well as more formal conference rooms. Companies from Google and Intel to Barco, Sony and AMX are making these accessible and attempting to apply security and control through their own systems.
Each are all very well in isolation, but in mixed environments and with so many other elements to consider, IT security needs to consolidate across diverse technologies in as seamless a way as possible. If measures keeping AV systems secure become too complicated or restrictive, users will simply bypass them.
Hence, in addition to AV/IT integration, IT security managers need to extend training and best employee practices for security to include the now essential visual and audible digital components of the enterprise. Unwanted data leakage is not just what is sent over the network, but may also be what is seen and heard.
To get a handle on where the market is heading and the security challenges that lie in store, Integrated Systems Europe (ISE) is a great place to start. ISE 2018 is Europe’s largest event for the professional integration sector. Joint owners of Integrated Systems Europe (ISE), AVIXA and CEDIA, offer a comprehensive programme of education sessions designed to further professional development. Available online to browse, there are security and technology focused sessions on video use, AV protocols and more.
In addition to the education opportunities available at the show, over 1,100 exhibitors across 15 Halls will be showcasing the latest technologies in the sector.
Industry renowned manufacturers and providers such as Sony, Crestron, Control4, Legrand, Savant, Z-Wave Alliance will be presenting IT and AV innovations for the security market at the event.
First-time exhibiters such as Intel Corporation (UK) Ltd and Exertis will be welcome additions to the show floor, ensuring that ISE 2018 will have more security solutions available than ever before.