Discussing IT Convergence, Network Security at InfoComm 2015

Integrating AV with IT will require more than just collaboration. >

Josh Srago

The discussion of networked devices was, once again, a dominant topic at the InfoComm show. Over 39,000 professionals showed up to see just what’s going on in the AV space and see where they need to start pointing their companies in the right direction as they look to the future.

On Tuesday night, before the exhibit floor opened, the network device discussion began with the keynote panel discussion on the Internet of Things led by Nick Bilton of the New York Times featuring technologist from several prominent AV manufacturers.

Dominating headlines from day one of the show was the Harman’/tag/InfoComm’>More InfoComm 2015 Coverage

Security hit the forefront on Friday morning at 8:00 a.m. on the third floor as Paul Zielie of AMX conducted his AV/IT Security Needs Analysis training course. This was not a course for professionals looking for a light touch at understanding network technology. This was a deep dive into the importance for security needs analysis that the AV integrators are in dire need of paying attention to for their future as our trade shows and projects are seeing an increasing amount of network connected technology.

I once had an IT director say to me that there is no completely secure network; there is only the option of how much external access you want to allow your users. If you want a completely secure network then your best option is to go unplug your network switch, router or Wi-Fi access point.

In Zielie’s course, the attendees were given the resources and lessons in understanding how to take the a proper needs analysis of the devices that they would be putting on the network to determine what, if anything, would need to be done to protect the data on the same network.

This is hardly a new topic at InfoComm events as earlier this year David Danto hammered home the importance of network security for AV devices while giving the keynote presentation at InfoComm Connections in San Jose, CA. As opposed to that presentation which discussed the why, Zielie’s course actually examined the when and how.

The AV industry is still in its infancy when it comes to populating a device on the network. We still often rely on VLANs (virtual networks within a network), or even potentially air gap networks (a network that is completely isolated and unable to reach the outside world for remote access), or VPNs (virtual private networks where we log in remotely to update firmware, software, or manage other services).

While these are great tools for our purposes, we still so often rely on the network administrator to apply the proper level of security to these network connections themselves, not the devices that we are putting on the network.

More on Network Management from Commercial Integrator

When many of the retail network breaches occurred in the last year it was not through a PC that was connected but a system that we normally do not associate with the network connections—like the HVAC. AV devices are currently in a similar position, and the onus for responsibility is going to end up on the manufacturers of the products to provide stricter security measures within their products.

That doesn’t mean the integrators and consultants aren’t going to carry any responsibility, though, as the conversation with the clients must take place to determine what level of security when it comes to devices access is going to be required.

Until I took this course at InfoComm I hadn’t really seen the depth that was needed in the discussion of devices on the network and the importance of ensuring not just the network was secure but the devices themselves. The recognition in the industry is happening and manufacturers are starting to take responsibility, but the integrators also need to know that if they don’t know what questions they need to ask when populating devices on a network, they will end up just as susceptible to potential breaches that they could have prevented.