Hi. Welcome to Ingram Micro.

Please choose your role, so we can direct you to what you’re looking for.

If you’d like to learn more about Ingram Micro global initiatives and operations, visit ingrammicro.com.

10 do’s and don'ts of pro AV security

October 05, 2020

10 do’s and don'ts of pro AV security
Pro AV security deserves more attention. Maybe some solution providers think signage displays, media players and AV equipment aren't susceptible to malware, hacking and other threats. Maybe some solution providers consider cybersecurity outside their purview. In both cases, they're wrong. With the recent evolution of pro AV technologies integrating IP interfaces, pro AV solutions—and the networks on which they operate—are now at considerable risk.

Consider the threat. Every pro AV device you install that is networked either using an Ethernet cable or Wi-Fi is now a potential entry point for malware and bad actors. The result can be something as simple as an unauthorized user altering signage messaging, or much worse. Unsecured pro AV devices can be used as an entry point to your customers' IT infrastructure and private data. Malware can be installed. Ransomware can encrypt your customers' data and cripple their operations. Devices can be hijacked by criminals to play a role in widespread DDOS attacks on other targets. In any of these cases, your customer is harmed, your reputation is damaged and you might be pulled into legal proceedings—nothing you need to add to your plate in 2020.

Fortunately, adhering to some basic security best practices is probably enough to protect your customers.

10 things to do and not do when protecting pro AV devices:

  1. Do ensure default admin usernames and passwords are changed before your solutions are made live.
  2. Don't use the same admin username and password for all your clients.
  3. Do place pro AV solutions on their own network segment. In the event a breach occurs, only devices on the segment can be impacted.
  4. Do ensure the pro AV devices are behind a firewall. If no firewall exists, provide one. Once a firewall is in place, ensure rules are set to limit pro AV behavior based on requirements. For example, only open ports that are necessary for the solution to function. Media players should only be able to speak with their host servers.
  5. Do make security top of mind with customers, especially in verticals like education where on-site IT staff might be overwhelmed with other initiatives.
  6. Do update hardware and software with the latest patches. Even if updates don't provide exciting new customer-facing functionality, they might contain important bug fixes and security enhancements.
  7. Do enable encryption if the pro AV devices provide the option. 
  8. Do install antivirus software on any devices or servers that require it. Do disable remote access to IP-enabled pro AV devices if you aren't going to use the functionality.
  9. Don't rely on device manufacturers for security. History has shown that when IoT devices have been hacked, it's usually because of lax or missing security protocols from the manufacturer. By all means, make use of whatever security is put in place, but take your own steps as well.
  10. Don't leave pro AV solutions physically unsecured. Media servers, network switches and other devices should be unavailable to unauthorized personnel.
If you need support to provide any of these security services to your customers, Ingram Micro has an entire security business unit standing by to help. Contact Tom Jones, Ingram Micro's pro AV expert, to get the direction and assistance you need.