Security. It can often be a dirty word, but not where digital signage is concerned. In fact, we can’t think of something more important than making sure your solution is safe.
Why? Simple really. If you have displays placed in public places they are exposed to thousands, even millions, of people at a given time. Now imagine that someone decides to hijack those displays, just for one minute. The end results may be severely damaging for your business.
So, how do you make your digital signage system hacker-proof? Security can be broken down into three distinct areas. The physical level, the operating system, and at application level.
If you get all three right, then you are on the road to having a very secure platform.
Let’s get physical
If we’re talking about displays in public places, it doesn’t require a top level hacker to change the content. On the contrary, anybody could simply approach the screen, unplug the player and replace it with an alternative. So, your first priority is to restrict physical access to your digital signage network’s screens and devices.
How to restrict access to your physical network
- Ensure all screens are properly secured to the wall and/or within a custom-made piece of furniture, and that it’s difficult to access or remove any attachments (screws, nuts, bolts, etc.)
- Make sure all public players are locked in a break-proof enclosed space and, if possible, keep them out of sight.
- Safeguard that all PC ports and connections are secure and, in case of PCs, ensure to password-protect the BIOS to prevent the boot order from being changed.
Protect your operating system
Great. Your displays’ physical security is at Fort Knox level. So everything’s fine and dandy, right? Wrong. Budding hackers will now try and find a virtual doorway into the system. So your next task is to make sure you don’t make it easy for them. You can do that with a few simple, effective measures. Firstly, lock down the OS so that it only runs the services your player actually needs. The benefits here are two-fold. Removing any superfluous services gives potential hackers less room to attack, while running less services increases performance, as well as reduces needless software maintenance.
- Disable all unnecessary network services and work only software that doesn’t require open inbound ports.
- Block unwanted incoming traffic by installing a firewall
- Make sure your security updates are current, even if if means disabling non-security updates
In cases when your digital signage software comes bundled with the underlying OS, all this should already be taken care of by the application vendor…hopefully. Always double check with your vendor.
Last but not least, your digital signage application. As it’s the nerve center of your solution, managing playback and reporting. That makes this layer of security is arguably the most important. Why? Because data can be intercepted as it travels over the network and can be seen by potential hackers if not properly secured.
This is called the ‘third party factor’, and it’s the reason why choosing partners which have security as their top priority is of paramount importance.
How to make sure your app is secure
- Avoid using insecure protocols, like HTTP or FTP, for critical information.
- Work with apps that carry SSL certificates in order to keep data secure.
- Better still, choose applications that also add their own layer of encryption technology to all data, so in the event of an interception, the stolen data will be useless or cannot be modified while in transit.
- Prevent potential hackers from pushing their content to your displays by working with a software suite that uses a client-pull technology and disable listening on all ports.
- Make sure that any players unaccounted for (it does happen) are not a security risk.
- Collaborate with companies that undergo regular security audits and tests to make sure that they are following current best industry practices.
If you take all the above on board, you’re well on the road to being more safe than sorry, as far as your digital signage solution’s security is concerned. Remember, the first step is to secure the physical setup of your displays and players. Then, make sure your OS is water-tight, and finally, be shrew (and demanding) in your vendor selection.