We talk a lot about cybersecurity in our posts because it’s on the top of almost everyone’s mind today. What often gets lost in the conversation is the need for sound physical security practices and secure AV communications. These areas are also vital if you want to fully protect your data and business. As our CEO wrote in a recent post, “physical security and good AV tools are keystones for success.” At the same time, the Cybersecurity and Infrastructure Security Agency (CISA) has written about the convergence of physical security and digital security, even offering a Cybersecurity and Physical Security Convergence Guide.
While physical security is crucial, safeguarding your AV equipment is just as important. Today, AV includes projectors and speakerphones, as you’d expect. But every laptop is also an AV device with a camera and mic, and any other AV-enable device that’s connected to your network exposes another attack surface. Here are some steps you can take to tighten your physical security and protect your AV communications.
Physical security
1. Set up physical perimeters and entry controls
You need to place barriers that prevent unauthorized individuals from gaining physical access to sensitive areas. Card-or password-controlled entry doors and staffed reception areas are a priority. For especially sensitive places—your data center or other high-risk areas—add another layer of physical access entry controls so only authorized people can get in. Data centers—or wherever your information systems are kept—should also be monitored with intrusion detection alarms to detect and alert you regarding any incidents.
Access logs that record everyone’s entry and exit from sensitive areas should be reviewed regularly and can be invaluable in identifying causes if an incident does occur. Video surveillance cameras for these same areas—and beyond—also elevate physical security.
2. Protect your physical infrastructure
The energy that keeps your business running—as well as your water, heating, and air conditioning—needs to be secured. You should ensure you have an uninterruptable backup power supply that can meet your requirements if there’s an outage or natural disaster. Also, your power and communications cabling must be protected from damage, destruction, or interception. In addition, physical access to your information systems connections should be controlled.
Depending on the level of risk you face, it may be worth looking for outside help fortifying your physical security. An experienced full-service provider can help you design, install, and support the defenses you need to enhance your physical security.
That typically starts with an expert assessment where your level of risk is determined, identifying where more robust physical security measures are warranted. The provider should design a custom system specifically to meet your requirements and offer the latest physical security technologies, from access control to intrusion detection and proactive monitoring to facial recognition.
AV communications
3. Require strong passwords
Like every other network device, most AV equipment has preset default passwords and usernames to simplify setup. These are often left unchanged after installation, making them an easy target for hackers roaming networks looking for vulnerabilities. You should establish policies requiring unique, new usernames and passwords for every device connected to your network, including AV devices. You can further improve your password hygiene by making sure the same usernames and passwords are never used across applications and systems by admins or end users. And scheduling required password changes on a regular basis for every connected device adds another layer of protection.
4. Disable AV options and isolate your AV devices
Your AV equipment likely includes additional services, connectivity protocols (FTP and DNS, for example), and settings that you don’t use. You should disable these unused ports and, when available, increase your equipment’s security settings to the highest logical level. AV equipment can be an easy way for hackers to get into your systems. You can prevent that by creating a separate virtual local area network (VLAN) for your AV devices, so the hacker can’t get further access if one is breached. Most AV devices also let you put them on an internal AV VLAN, providing a single connection point to the network, separate from all other devices.
5. Keep everything patched and up to date
Just like your other devices, it’s crucial to keep the firmware in your AV devices up to date. AV devices usually have fewer updates and upgrades, so they often get lost in the IT shuffle. But they can provide critical protection against malware and other attacks. Make sure any firmware updates come from trusted sources to ensure they aren’t infected.
6. Outsource your AV
With IT teams burdened with more pressing issues like ransomware and cyberattacks, it’s also worth looking for outside help for your AV requirements. As with physical security, outsourcing your AV takes another burden off of IT while ensuring that you have optimized, easy-to-use AV solutions that foster collaboration and productivity—without sacrificing security. An experienced provider can design, install, support, and maintain your AV solution while giving you access to the latest technologies.
Thank you for trusting us to help with your physical and cybersecurity needs.
Contact us any time—we’re always happy to help.
Adam