Cyber security is an incredibly important topic to cover when talking about anything related to IT. This includes digital signage, maybe more than other aspects as it can have catastrophic results on your business and impact the general public.
When talking about cyber security in the digital signage industry, there are two main parts that need to be locked down and protected. The first is the physical device, if bad actors get access to the physical device, there’s no telling what they’ll be able to do.
Second is the CMS software that is used by the media player to play content. If this is breached, all sorts of troubles will start.
Some of the things that could happen if cyber security for digital signage isn’t taken seriously include: data breaches (including emails, passwords and other info), viewers being exposed to harmful content, devices going offline, and more.
All of these things will lead to one of the worst consequences for digital signage imaginable - people distrusting and refusing to use digital signage as an advertising platform.
Physical Device Cyber Security
One of the biggest threats to digital signage displays is when an unauthorised person gets access to the physical media player device.
If there are no security measures in place for this situation, the offender can run rampant, displaying any content they want, accessing inappropriate content, and potentially accessing other screens or even company data.
Other than causing havoc, they could also just steal the device, and we all know that these can be expensive to replace.
Fret not though, as there are plenty of easy-to-implement ways to prevent this from happening to your devices.
One of the first things that can be done is to make access to the digital signage media player harder. For example, keep it in a separate box, away from any other IT devices and include a unique lock for any latches/doors.
Once the media player has been secured, if it’s possible you should also install security cameras. Not only will you have video evidence of people attempting to tamper with your device, but it will also act as a deterrent.
Now that accessing your device is considerably harder, it’s time to make logging on to the device just as hard.
First, ensure that every device on your network has a unique username and password that only the required technicians know. To take it one step further, look at implementing a policy to have these change on a regular basis.
The next step to foil would-be hackers is to disable/lockdown USB access to the media player. What this does is stop anyone from being able to plug in USB storage devices and run programs.
One final tip to secure and protect your digital signage is to log any sort of maintenance access and changes. This is more of a policy/procedure, but it will ensure that you can track what is being done and when.
It’s important to note that whilst all these implementations and changes are possible for pretty much every type of signage and device, the way they’re done may be slightly different.
If you’re looking to really beef up your signage security, look for additional hardware such as the dpEMS by Design to Production. This device can be installed to help prevent and deter bad actors, along with making maintenance and management easier.
Software & Network Cyber Security
Cyber security doesn’t just apply to physical access of devices, in fact, it’s more common for cyber security attacks to be done via remote access through the internet and software.
These remote attacks can be just as devastating as physical attacks, it can also be a lot harder to know that they’ve happened until the bad actors finish making changes or stealing data.
It is a lot harder for these attacks to happen as it’s not as simple as breaking into a cage, but that doesn’t mean they can’t happen.
If hackers do manage to access your digital signage systems remotely they could launch a range of different attacks. For example, they could deploy content to any screen on the network, run malicious scripts via HTML packages, steal data about advertising campaigns, and potentially even financial data.
In theory, protecting your network from outside attacks should be easy, but it requires everyone in your organisation to follow procedures and policies, along with ensuring that software providers have security at the top of their minds.
Some of these processes/procedures are straightforward, such as keeping digital signage software up to date, along with having good anti-virus software on both media player devices and the devices your team uses.
Another procedure to keep in mind is having strong, unique passwords for every site and piece of software that your team uses. Whilst this might seem challenging, there are some great tools that make this easy to do.
Password managers are great for controlling the above, they make it so your team only has to remember 1 unique password, whilst being able to generate and securely store a range of others. For more information on finding the best password manager for your company, be sure to check out PasswordManager.com!
You might find it beneficial to use remote management software solutions such as TeamViewer, VNC, or others to keep your media players' firmware and software up to date.
If you do make use of these software options, ensure that only approved people/technicians have access and know the usernames/passwords. Limiting access for each account can help prevent account takeovers from being able to gain full access to a system.
It’s also important to ensure that hardware from offshore companies includes official operating system distributions and that these OS’ are fully supported by their parent companies (Android 10+. Windows 8.1+ and Linux Kernel v5.15.85+).
It is important to be aware of when a software's "end of life" date occurs because after that point, no new security patches will be released, potentially leaving you vulnerable.
Something else that can be done at a network level is DNS filtering. This can be done to an extreme by using a whitelist to allow only certain network requests, which does enhance security but is not practical in most cases.
Instead, a blacklist can be used, which allows a network to block requests to specific sites that are known to be malicious or should never be shown on a screen i.e pornographic sites. Blacklists can also be updated over time which makes it harder for bad actors to get unwanted content displayed on the screen.
When talking about network security, it’s also important to think about your in-office network, the internal network that staff log in to access the internet. This is another access point that needs to be secured and can be done so with intrusion detection systems.
Intrusion detection systems monitor your internal network for any suspicious activity and alert administrators when intervention is required. It’s a little more technical to set up, but worth it for the security and peace of mind.
One final tip for securing your network is to have a test device that is on a separate network, this way you can test things like HTML packages that you’re unsure of, as well as other software. Avoid loading code remotely from third parties as this can be used as an attack vector.
By using a separate test device on its own network, you stop potential hackers from being able to use it as an entry point to the rest of your digital signage media players. This practice alone could save your entire network and protect you from a range of hacking attempts.
How Doohly Protects Users & Devices
We at Doohly keep cyber security at the forefront of our development and business decisions. We’ve seen what happens when systems are breached and bad actors get access to information/systems they shouldn’t.
Our CEO, Sean Law believes that “digital signage has become an increasingly popular way for businesses to advertise and communicate with their customers, but with the rise of this technology comes the risk of cyber attacks. It's crucial for us as digital signage CMS providers to prioritise the safety of their networks and implement measures to protect our clients against these threats."
So how do we at Doohly work to prevent this from happening to our customers? We’re glad you asked, it’s one thing for us to say it’s a high priority, but another thing entirely to reveal how.
Our team is always security conscious, especially while building our software. We take steps to reduce the attack vectors for your device through our software. This all helps to keep your devices secure and your network running smoothly.
Our player software is constantly updated with both performance and security patches. We also look at both what our competitors are doing, and other cyber security incidents to see how these attacks happen and build the best products possible.
Our development team is also required to undergo annual security training. This ensures our team are using recommended security practices and is across any new potential threats and vulnerabilities that could impact digital signage networks.
We can’t reveal all our secrets to just anyone, but if you’re interested in finding out more about how we’re the most security-conscious and focused CMS provider, contact us today.
Cyber security threats will continue to exist as long as bad actors and hackers can cause havoc or make a profit. Hackers that want maximum impact and chaos will continue to aim for and attack digital signage networks.
The threats we’ve outlined above are just some of the ways hackers can impact networks and your business. Hackers are constantly evolving and developing new ways to infiltrate and disrupt your business.
At the end of the day, software and hardware can only be so secure, it’s just as important to implement and adopt strong IT policies and procedures. Users are still people, and people are vulnerable the same way networks are.
Things like falling for social engineering, phishing attacks, and using weak passwords and unsecured networks are all ways that users can compromise their own security and put your digital signage network at risk.
It’s important to do your research and stay up to date with current cyber security trends to ensure whatever happens next, you’re prepared.
If you’re looking to improve your digital signage network security, contact our team. We provide the most secure and up-to-date CMS solution and can help guide you through your hardware and software installations.