Putting more and more technology on a connected network can introduce many benefits for businesses of all sizes, but it can also introduce new risks. More connected endpoints means more potential breach points for hackers.
The internet of things (IoT) has added billions of web-connected devices to business networks — from sensors monitoring soil moisture conditions to cameras measuring queues at quick service restaurants and public attractions. The real-time data from these sensors and other connected devices helps businesses optimize operations and improve their customer experiences. However, connected devices can elevate risk for operators, which makes it critical for IT teams to make technology choices that minimize threats.
Digital signage technology in particular is now common across most business sectors and can be found in education, healthcare, government and even places of worship. In almost all cases, display networks are internet-connected and use a variety of technologies to distribute and update valuable, timely messaging.
Digital signage can pose risks – unless those devices are secured from the start.
Real, pervasive threats
Cybersecurity breaches make headlines when they affect major corporations and high-profile services like social media platforms. These periodic incidents might seem to suggest that breaches are isolated events, but they’re really everyday occurrences that affect businesses of all types and sizes. Almost two-thirds of U.S. companies say their data may have been compromised within the last 12 months due to a hardware-level or silicon-based security breach, according to CSO Online.
Large companies tend to have internal or contracted IT resources squarely focused on network and data integrity, but a Keeper Security survey found a disturbing amount of complacency among decision makers at small and medium-sized businesses (SMB).
Integrate digital signage in the control room
Streamline mission-critical workflows and content management with secure, large-format displays. Download Now
The survey found that cybersecurity was not a worry for most:
- Of the respondents, 60 percent did not have a cyberattack prevention plan.
- Only 9 percent of businesses ranked cybersecurity as a top business priority, and 18 percent ranked cybersecurity as their lowest priority.
- Nearly half (43 percent) said a cyberattack is not at all likely.
Locking down connections
Getting hacked can be a nuisance or even a disaster for digital signage network operators.
Digital signage controlled through external connections (such as the internet or Bluetooth) could carry potential vulnerabilities to be remotely compromised and used to run unauthorized content. The greater risk, though, is that connected devices could provide a side or back door for hackers attempting to breach business networks and systems that manage payment and customer loyalty data.
Risks and countermeasures may vary from business to business, but there are some useful initial steps any business operator can take, such as ensuring that technology is coming from a safe country, and using technology with high levels of security already baked into the design.
The U.S. Trade Agreement Act (TAA) of 1979 fosters fair and open trading of manufactured goods, such as electronics, between countries, but it also reduces risks that originate from nations with suspect practices.
If a business works with the U.S. government, winning contracts is not even possible unless the technologies being used are TAA compliant — meaning they’re U.S.-made or the end products come from a list of designated countries. All products must be either manufactured or “substantially transformed” in the United States or a TAA-compliant country. The list of compliant countries is long and includes electronics hubs like South Korea. Non-TAA countries include China, Russia, India, Indonesia, Iran, Malaysia, Pakistan and Sri Lanka.
The government contract penalties for being noncompliant include cancellations, suspensions and fines.
Secure from the start
Security countermeasures can be layered on, but sourcing and selecting technology that has security baked into the design provides a solid, supportive foundation for a digital signage network operator’s work.
Samsung’s smart digital signage platform is focused on all-in-one displays with media play-out, connectivity and storage components built into the screen enclosure. That means tampering with key components like the media player is almost impossible because it is contained within a sealed unit. Moreover, smart signage displays ship with Samsung Knox, a military-grade enterprise security platform that’s built in from the chip up. Designed initially for smartphones and other mobility devices, and extended to digital signage, Samsung Knox protects applications and data by strictly defining what each computing process is allowed to do, and what data it can access.
Knox is integrated with the software layers of a smart digital signage network to separate data and constantly check the integrity of the device. These defensive layers detect any tampering to ensure that the data is secure.
The Knox platform runs on both Android and Samsung’s own Tizen operating system. It verifies that only approved versions of system-critical software are loaded. Because Knox is built in, the process of trusting software can start within the hardware, with unique certificates burnt into the chipset of each device.
Though it is intended to lock devices down and prevent attacks and malware, Knox doesn’t constrain what authorized operators can do. Many digital signage network operations base content messaging and scheduling on real-time data shared by other business systems. For example, the digital menu displays used by many restaurant chains are directly tied to the pricing and menu options managed in restaurant systems, such as point of sale.
Data security and maximum uptime are critical to any digital signage network operator. Steady vigilance is important, and ensuring a baseline of secured technology is a great place to start.