This article is the sixth in a series about choosing the network architecture for your digital signage system. If you're new to the concept of digital signage, or unfamiliar with the different architectures that exist, then start with this article: Digital signage: getting ready. If you missed the previous article, see: Getting ready #5: Connectivity and bandwidth
In the age of connected watches, connected cars and the proliferation of cloud solutions, the security of such systems is a recurring issue. Such considerations do not spare digital signage, and are often at the heart of decisions concerning the choice of digital signage model, particularly when the use is dedicated to internal communication. Security in a digital signage system, like anywhere else, is above all a matter of compromise. Is the customer prepared to sacrifice functionality, speed of execution and user comfort for the sake of greater security?
Security in a digital signage system, as in any other information system, is a complex notion, based on a relationship of trust with the service provider. It's a subjective notion, determined by the client company's strategy and what it deems to be the worst consequence of an action attributable to a lack of "security". In the specific case of digital signage, the main concerns of corporate customers are, as a general rule, the following:
- Corporate image: authenticity and consistency of displayed content.
- Confidentiality of corporate data and content.
- The integrity and inviolability of the company's information system.
Although the SaaS model is often criticized for its "security" problems, and the on-premise model is much more popular, it's difficult to draw conclusions on this basis alone, since there are so many different implementations, each with its own specific features. By focusing on these main concerns, it is nevertheless possible to lay some foundations, but also to raise some questions.
Digital signage in general
As a reminder, a digital signage system, reduced to its simplest form, can be summed up as follows: a communicator wants to display a message on a screen. The message is in the form of a file (image, document, video). From his workstation, he sends this file to the digital signage system's servers. When it's time to broadcast, the server sends the file to the player responsible for broadcasting. The player reads the file and broadcasts the message. Although simplistic, this case involves several pieces of equipment (and people), each likely to present security risks in view of the company's concerns.
Corporate image
Digital signage is a communication tool. As such, like all communication tools, it conveys messages that engage the company and help forge its reputation. These messages represent the company to its target audience. They must therefore be those (and only those) that the company decides to send, without any accidental or intentional alteration. Nevertheless, many alterations can occur between the time content is sent by the communicator from his or her workstation and the time it is broadcast on the display players. While the implementation of an on-premise model suggests the elimination of this problem, it only narrows the problem to those with a physical presence close to the company. To ensure that content is authentic and unaltered, customers should check the following points with their service provider (or ask for them to be set up):
- Is the task of creating content and distributing it assigned to the same person?
- Is the person in charge of content distribution reliable?
- Does that person have a good knowledge of the software?
- Is that person the only one authorized to distribute content?
- Does that person share their login details?
- Is a robust password policy in place on the management software (use of special characters, numbers, minimum length, frequent change, etc.)?
- Are passwords kept on a post-it note?
- Does the software implement a file signature policy?
- Are files to be distributed signed?
- Are the software and systems used by the player reliable and up-to-date? Do they present any vulnerabilities?
- Are the screens physically accessible?
- Is remote control activated? In an extreme case, where content is altered, is a backup solution in place to interrupt the broadcast of this content? Is there a record of who broadcast the content?
So, as the case of file signatures shows, the threats are to be found in the distribution player, the management software and the person(s) responsible for distribution. The choice of digital signage model is therefore of little importance.
Data confidentiality
Depending on the target audience, content may require a high degree of confidentiality. Indeed, broadcasts may reflect strategic documents or results whose public dissemination could cause harm to the company. Ensuring that such content is confined within the company is therefore a priority.
However, for the digital signage system to function perfectly, it is necessary to store the content to be broadcast on the system's server (or at least have it transit). At first glance, the implementation of an on-premise model suggests data containment on the internal network and therefore a high degree of content protection, whereas a SaaS solution suggests the opposite. In both models, particular attention needs to be paid to the reliability of the management software, the person using it, and the password policy (and storage technique).
You'll also need to ensure that communications between the management software and the server are properly encrypted, particularly in the case of a SaaS model that uses the Internet. It is also necessary to consider data storage, and therefore the system's server.
- Is it located on the customer's premises (on-premise model)?
- Is the server accessible to anyone? Is it manned at night? Is it located in a datacenter (in most SaaS models)?
- If so, is the datacenter located in a country whose laws authorize the collection of data?
Finally, it's a good idea to ensure that communications between the server and the players are correctly encrypted, and that the broadcast players are not subject to exploitable vulnerabilities.
Some solutions include a service for encrypting the files to be broadcast. These are encrypted upstream, on the communicator's workstation, stored encrypted on the system's servers and then sent to the broadcast players, which are the only ones able to decrypt the files before reading them. In this case, the players also need to be physically protected.
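The two mechanisms mentioned so far, file signatures (corporate image section) and end-to-end encryption of content between the communicator's workstation and the players (this section), combine naturally into one pipeline. The Go program below is an added illustration, not code from the article or from any signage vendor: the communicator signs the file with an Ed25519 key and encrypts signature plus content with AES-256-GCM under a content key that only the players hold (a hypothetical provisioning step, assumed to happen when each player is installed). The server only ever stores the resulting opaque envelope, so neither a compromised server nor an altered blob in transit yields readable or displayable content, and a file packaged by someone who has the content key but not the communicator's signing key is refused by the player.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Envelope is what the signage server stores and forwards: an opaque blob.
// The server holds neither the content key nor the signing key, so it can
// neither read the content nor produce an envelope a player would accept.
type Envelope struct {
	Nonce      []byte // fresh per file, generated on the communicator's workstation
	Ciphertext []byte // AES-256-GCM over (signature || content)
}

// PackageContent runs on the communicator's workstation: sign the file with the
// communicator's Ed25519 key, then encrypt signature+content with the symmetric
// content key shared only with the players (assumed provisioned at installation).
func PackageContent(content []byte, signKey ed25519.PrivateKey, contentKey []byte) (Envelope, error) {
	aead, err := newAEAD(contentKey)
	if err != nil {
		return Envelope{}, err
	}
	sig := ed25519.Sign(signKey, content)
	plaintext := append(append([]byte{}, sig...), content...)
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Envelope{}, err
	}
	return Envelope{Nonce: nonce, Ciphertext: aead.Seal(nil, nonce, plaintext, nil)}, nil
}

// UnpackContent runs on the player: decrypt first (GCM rejects any change to the
// stored blob), then verify the communicator's signature so that content built
// without the signing key is refused even if the content key was known.
func UnpackContent(env Envelope, verifyKey ed25519.PublicKey, contentKey []byte) ([]byte, error) {
	aead, err := newAEAD(contentKey)
	if err != nil {
		return nil, err
	}
	plaintext, err := aead.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("envelope altered at rest or in transit: decryption failed")
	}
	if len(plaintext) < ed25519.SignatureSize {
		return nil, errors.New("envelope too short to contain a signature")
	}
	sig, content := plaintext[:ed25519.SignatureSize], plaintext[ed25519.SignatureSize:]
	if !ed25519.Verify(verifyKey, content, sig) {
		return nil, errors.New("content not signed by an authorized communicator")
	}
	return content, nil
}

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	// Constructed keys for the demonstration; a real deployment generates them once
	// and distributes the public key and content key to the players out of band.
	communicatorPub, communicatorPriv, _ := ed25519.GenerateKey(rand.Reader)
	contentKey := make([]byte, 32)
	rand.Read(contentKey)

	message := []byte("Q3 results: constructed sample, internal audience only")
	env, err := PackageContent(message, communicatorPriv, contentKey)
	if err != nil {
		panic(err)
	}
	// The server stores env as-is; nothing it holds reveals the message.
	fmt.Printf("server stores %d opaque bytes\n", len(env.Ciphertext))

	out, err := UnpackContent(env, communicatorPub, contentKey)
	fmt.Printf("player decrypted: %q (err=%v)\n", out, err)

	// One flipped bit in the stored blob: rejected before the signature is even checked.
	tampered := Envelope{Nonce: env.Nonce, Ciphertext: append([]byte{}, env.Ciphertext...)}
	tampered.Ciphertext[len(tampered.Ciphertext)/2] ^= 0x01
	_, err = UnpackContent(tampered, communicatorPub, contentKey)
	fmt.Println("altered envelope:", err)

	// Content key known but signing key not: rejected by the signature check.
	_, otherPriv, _ := ed25519.GenerateKey(rand.Reader)
	other, _ := PackageContent([]byte("not from the communicator"), otherPriv, contentKey)
	_, err = UnpackContent(other, communicatorPub, contentKey)
	fmt.Println("envelope from unauthorized signer:", err)
}
```

The sign-then-encrypt order means the signature travels inside the ciphertext, so the server cannot even tell who authored a file; the player's log of rejected envelopes is the natural place to feed the "who broadcast what" record asked for in the checklist above.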
Information system integrity
Today, the information system is the backbone of many companies. It is the foundation on which many services are built, enabling the company to live and evolve. A digital signage system requires the installation of equipment that needs to be able to communicate, often via the company's internal network. What's more, these players are rarely accessible to the customer, and constitute a black box that is difficult to control. These black boxes may present reliability flaws or vulnerabilities that could be exploited to penetrate the corporate network, whether in a SaaS or an on-premise architecture. (In the latter case, physical proximity to the company is nevertheless necessary to exploit these vulnerabilities.)
Particular attention should be paid to the vulnerability of distribution players.
- What systems and services do they run on?
- Are they up to date? Are there any exploitable vulnerabilities?
- Are they physically accessible? Is it possible to take control by plugging in an external device?
In the case of SaaS models, it is often necessary to open ports on the company's firewalls to enable players to reach the provider's servers. In such cases, vulnerabilities could be exploited from outside the company. Here the question of server reliability once again arises: if it is possible to take control of the server, then secure communications between server and player, and the means of securing the player, would be ineffective. Nevertheless, a precise (but complex) configuration of the company's network equipment can significantly reduce the risk of intrusions and compromises to the integrity of the local network.
The customer can nevertheless set up a local network distinct from the one used for its services, either physically (different cables, different routers...) or virtually, using VLANs for example. The service provider can also set up the alternative of using third-party network equipment, such as 3G/4G routers that connect players to the Internet without passing through the company's internal network.
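The "precise configuration of the company's network equipment" and the separate player VLAN described above come down to a default-deny policy between the player segment and everything else. The nftables ruleset below is an added example, not the article's or any vendor's configuration; interface names (vlan50 for the players), the provider's server addresses and the resolver address are constructed placeholders (RFC 5737 documentation ranges) to be replaced with the real ones on the firewall that routes between VLANs.

```nft
#!/usr/sbin/nft -f
# Added example with constructed values: vlan50 carries only the players;
# provider and resolver addresses are RFC 5737 documentation addresses.
define player_if    = "vlan50"
define provider_srv = { 203.0.113.10, 203.0.113.11 }
define dns_srv      = 192.0.2.53

table inet signage {
    chain forward {
        # Default deny between VLANs: players reach nothing, and nothing
        # reaches them, unless a rule below says otherwise.
        type filter hook forward priority 0; policy drop;

        # Replies to connections the players themselves opened
        ct state established,related accept

        # Players may open HTTPS sessions to the provider's servers only ...
        iifname $player_if ip daddr $provider_srv tcp dport 443 ct state new accept

        # ... and resolve names against one designated resolver
        iifname $player_if ip daddr $dns_srv udp dport 53 accept

        # Anything else leaving the player VLAN is logged before the drop policy
        # applies, so a player reaching for the corporate LAN shows up in the log
        iifname $player_if limit rate 5/minute log prefix "signage-drop "
    }
}
```

Because the corporate VLAN has no accept rule towards the players, a workstation cannot initiate a connection to a player either, which is the other half of the isolation: a compromised player can neither be reached from, nor reach into, the rest of the company. With the 3G/4G router alternative the same intent holds, just without the firewall in the path, since the players then have no route to the internal network at all.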
Conclusion
So, while it's hard to believe that only an on-premise model offers "security", it's true that it's the simplest and most cost-effective way to implement satisfactory security mechanisms. While it is possible to achieve equivalent levels of security via a SaaS architecture, the solutions to be implemented are often more complex. Whatever the architecture chosen, it is essential to pay particular attention to the overall security policy, and to identify sensitive points upstream, in order to prepare security solutions, in collaboration with the service provider, before the first equipment is installed. Other issues such as data loss, broadcast continuity and management interface availability may also be of concern, in which case it will also be imperative to identify them as early as possible in order to implement the right solutions.
Continue reading:
- Getting ready #1: Equipment
- Getting ready #2: Set-up time and effort
- Getting ready #3: Technical support and maintenance
- Getting ready #4: Training and familiarization time
- Getting ready #5: Connectivity and bandwidth
- Getting ready #7: Usability and scalability
- Getting ready #8: Pricing
- Summary: Getting ready for digital signage
Cenareo offers you an intuitive, scalable SaaS solution, perfectly adapted to the needs of communications professionals in all sectors of activity: POS, in-house communications, hospitality and DOOH.