Security, or rather lack thereof, has been a hot topic lately in the digital world. With the WannaCry ransomware running amock across the globe and our favourite rum-loving pirate’s latest instalment being held captive by hackers, it is an ideal time to make sure that you have an ironclad digital security plan in place.
This is especially important for digital signage network security. With some screens reaching thousands of people at a given time, even a minute of unauthorized content can cause major headaches.
Controlling access to your systems is a multi-layer effort with physical access, OS maintenance and application security all being important aspects of a more hacker-resistant system.
As most screens are located in public areas, it wouldn’t take a high-level hacker to change the content on your screens. Rather, someone could simply walk up right up, unplug your player and replace it with their own.
Therefore, the first step to make sure your network is secure is to restrict physical access to the network’s devices.
How to Restrict Physical Network Access
1) Make sure all screens are adequately secured to the wall and that all attachments (screws, bolts, etc.) are difficult to access and remove.
2) Keep all public players in a locked, break-proof enclosure and if possible, keep them out of sight.
3) Ensure all PC ports and connections are secured and be sure to password protect the BIOS to prevent the boot order from being changed.
Operating System Security
Without physical access to the screen, hackers must find a virtual backdoor into the system. However, be sure not to leave these doors wide open for them. With simple yet effective measures in place, access to your OS will be very limited.
The goal of locking down the OS is to only run services the player will actually need. The removal of these services gives the would-be hackers less to attack and will encourage them to move onto an easier target.
This will also benefit the player other ways. Less running services increases performance and reduces unnecessary software maintenance.
How to Restrict Operating System Access
1) Only give necessary applications access to your OS.
2) Be sure to disable all unnecessary network services and work with software that does not require open inbound ports.
3) Install a firewall to block unwanted incoming traffic.
4) Stay up to date with all security updates, even if non-security updates are disabled.
Your digital signage application is the heart of your player, managing playback and reporting. However, it adds another layer that must be secured. Data can be intercepted as it travels over the network and can be seen by possible hackers if not properly secured.
Even if physical access to your digital signage network is restricted and strong measures are in place to protect your OS from attacks, your network may still be at risk due to third party applications. Selecting partners that hold security to the highest standards is critical to your network operations strategy.
How to Restrict Application Access
1) Ensure your solutions are not using insecure protocols like HTTP or FTP for critical information.
2) Keep data secure by working with applications that have SSL certificates.
3) Even better, select applications that also add their own layer of encryption to all data so in the event of an interception, the stolen data would be unusable.
4) Stop hackers from pushing their own content to your screens by working with a software suite that uses a client-pull technology and disable listening on all ports.
5) Work with companies that undergo regular security tests and audits to ensure they are following current best practices.
So? How does your digital signage network security stand up?
Now that you have all the know-how, it’s time to audit your digital signage network security strategy. Are you protected from unwanted takeovers?
You can start with a basic security scan. If any of these ports are open, it might be time to reconsider your strategy.
Carefully considering the physical setup of your screens and players, protecting your OS and working with security-savvy application vendors are the three steps to take to secure your network.