There’s No Crying in Network Security

Like peeling away layers of an onion, securing today’s networks means understanding A/V.

There’s No Crying in Network Security

After spending millions to lock down the security of routers, switches, firewalls, and servers, did you think to check the teleconferencing system?

Let’s be realistic, no hacker is going to break into a network just to make the motorized window shades go up and down. Or to find out when a projector lamp or printer toner cartridge is due for replacement. Though the customer database and credit-card data or employee master payroll file constitute more likely targets, wreaking havoc with lighting, HVAC, and facilities management applications is no less tempting a target — at least for the recreational hacker or so-called hacker-in-training.

However the threat matrix appears, playing a strong defense is the best offense. So, who ya gonna call? It won’t be Ghostbusters. We opted for a security expert.

Phillip Mahan is director of Risk Services for the Continuous Security and Compliance practice of Williams & Garcia, an Atlanta-based technology solution provider. He has plenty to say and lots of stories to tell.

“A lot of the security breaches that I see boils down to failures of the simplest kind. I see crucial networking hardware in production with the default user name and password still in place. In corporate conference rooms and even boardrooms, I see user names and passwords for accessing the network or A/V controllers written on yellow Post-it Notes. Whether it’s an A/V room controller or a network server, these are nothing more than IP addresses that need to be protected.” Whenever the ugly Post-it breach is discovered, Mahan discreetly changes the password, removes the offending cheat sheet, then diplomatically explains the judgment lapse to his client.

Security consists of two components, the product itself and the policies put into place by the end-user organization, regardless of vertical industry. A device that incorporates the most robust access protections is wholly unsecured if the user name and password is written on a little yellow sticky not, whether or not the default has been changed.

The products themselves do pass muster, according to Josh Stene, director of Technology Management at A/V solutions manufacturer Crestron. “Products routinely conform to accepted

Latest Resource

How Cloud-Based Control Is Taking the Industry to the Next Level
An introduction to the new face of AV control & stories of how cloud-based control is taking the industry to the next level.

Article Topics

Trends & Advice · AV · Conferencing · Control · Crestron · IT · Lighting · All Topics

The Bottom Line on Technology? TechDecisions Magazine

Save time and money for your company by turning to TechDecisions magazine before you invest in new technology. No matter what your concerns are — AV/IT, videoconferencing, digital signage, security, collaboration or control — a free subscription to TechDecisions magazine has you covered.
Find real-world examples, trends and advice from installers, users and technicians who work with technology daily. Subscribe today for your free issues!

Corporate TD © 2015 EH Publishing. All Rights Reserved.