Historically, the biggest challenge to securing AV equipment has been the lack of standardized security profiles and policies for the Pro AV market. In the early days of AV, the gear was analog and the “corporate network” was not yet a thing. Early video switching and signal manipulation was very expensive and primarily resided within the broadcast television arena. However, as recorded and on-demand video sources became more popular and easier to obtain, companies like AutoPatch entered the market to provide audio and video switching from multiple sources to multiple destinations. Soon, a wide variety of institutions from government command-and-control centers to sports bars were embracing communication and entertainment with video. However, most times, the AV systems were still isolated from the enterprise network.
Perhaps even more important that the infrastructure to route audio and video from multiple sources to multiple destinations, is a control layer sophisticated enough to control them. For these growing systems to be manageable it became critical to control not only the AV sources, but the entire environment as well. For example, preparing rooms for the activities like powering gear, turning on or dimming lights, lowering projector screens, and shutting window coverings. AMX pioneered the technology to do this with ease, and quickly expanded the technology to include an even greater reach to include building monitoring, maintenance and scheduling with AMX’s Resource Management Suite. In order to communicate with all these devices and platforms on the network, the control layer brought the audio video switching off of its own dedicated infrastructure, and onto the corporate network. With the migration of control devices onto the network, our focus on network security began to take shape.
Now that security is a requirement for many installations, and recommended for all installations, it is critical that manufacturers in the AV industry maintain a security posture in alignment with customer security goals. At HARMAN, starting with our AMX branded centralized control and video distribution products, we are leading the AV industry to provide secure AV.
Security cannot be an afterthought. It needs to be a priority at product conception. In order to create a target for security development, AMX took a risk management framework approach and analyzed security controls under frameworks such as ISO 27001 standards and the US National Institute of Standards and Technologies (NIST) SP800-53 to create an appropriate set of security controls for AV applications on the network. Once that set was established, AMX surveyed security policies around the world and applied the strictest control values as the development target.
As a manufacturer we need to be careful not to dictate security controls, or create cumbersome technology obstacles. Instead, we build products with features that allow users to define roles, use the same security tools and techniques used for other IT assets for consistency and ease of use, and require standalone devices to have the same security capabilities as devices that leverage enterprise assets. For example, our NX Series Central Controllers, which can be used as the control layer with any of HARMAN’s audio, video and lighting products, allow the same controls and features provided by the centralized assets, including role based access control, password policy controls and full security logging.
Security is a complex issue and one that we take very seriously. For a deeper dive into how we are taking the lead in Secure AV please see our AMX by HARMAN Defining Secure AV statement at: https://www.amx.com/resource/defining-secure-av-white-paper.pdf. And, to read how our stance on secure AV made us the only AV manufacturer to receive the Cybersecurity Assessment Package (CAP) for direct connection to DoD networks read our security story: https://www.amx.com/en-US/secureav