The dominating story in the news over the Labor Day weekend was that of the iCloud hacking and the distribution of countless naked photos and videos of dozens of celebrities. The ensuing drama involving legal action, privacy discussions, and accountability for who is responsible have dominated both airwaves and text based media. I’ve seen many stories about blaming the victims for having the illicit material, as well as whether or not this is an example of failure in a cloud storage system because of the possible security breaches. What has really intrigued me, though, is the conversation over responsibility for the issue.
Apple has rushed to defend the iCloud service and let everyone know that these pictures were not obtained through any breach in their system. There is a certain amount of cynicism that I take with that kind of a statement because while there wasn’t a back door into their cloud accessed through an HVAC system, like Target was earlier this year, this was an example of hacking at the most basic level – passwords and security questions. Most people pick passwords and security questions that will be easy to remember so they don’t have to think about it each time they have to log in, and then they reuse that password for each service. As always, in these cases, the focus that I’ve seen more often than any other has been a rush to place blame on someone.
Being as we work in the technology field that incorporates a lot of our products with network solutions, now is the time for us to start showing what we in the AV world can bring to the table to promote secure networks. There are those in the industry that keep screaming at the top of their lungs that the AV industry is doomed to fail because we’ll be swallowed up by IT, and this is a perfect time to grab the reigns and show how we are not a hindrance or risk for the IT professionals.
Now is the time to focus our efforts on speaking to client’s IT departments about how a locked down VPN connection can allow us to service their system remotely, and follow that up by telling them how we will protect the information to prevent any security breaches. We are not an industry ignorant of the IT world, in fact we have many professionals well voiced in the differences and how our industries can work together. The topic is at the forefront and is a concern for our customers and business partners, so why pass up this chance to show them we understand what they are worried about and discuss how it will not be the AV system that becomes the weakest line of defense on their network.
A few months ago I was speaking with a high level executive at a manufacturer in the AV industry about the concerns of placing signals on the network. The response I got was mildly disconcerting when I was told that security of the signals on the network was the responsibility of the network administrator. If we do not take responsibility for our own signals, even just in demonstrating that we know how to communicate what our signals will be doing on the network, we are causing more unnecessary problems for our IT brethren. We are not here to shirk responsibility. We are here to work with the other trades in order to achieve the greatest possible outcome.
Our industry is network bound, there are no doubts about that from anyone looking at where we are headed, but that means that all members of the industry have to recognize the kinds of responsibilities that will be required. The manufacturers must explore the possible security issues from their network devices, especially as more of them move towards wireless signal transmission. The instruction of network devices and technology must continue to be more readily available and present in the minds of the technicians. The consultants and integrators have to take responsibility for discussing the security of their system designs using networked devices and not rely on someone else to do it for them. There are folks out there that are doing this now, but with the topic currently being a concern for those that we serve, now is the time to reassure them that we can improve their systems without exposing their data.