How do you maintain your digital signage network’s security?”
MVN ensures our digital signage network’s security with a multifaceted approach. The computers that run our digital signage are ideally on networks with no other machines. If required to be on a network with other machines, they are isolated from other machines on a designated VLAN that contains no other computers. Our remote PC management software utilizes an encrypted connection via HTTPS over TLS 1.2. Any additional connections our computers make are via HTTPS. The firewall on our machines is configured such that only responses to outgoing requests are allowed as incoming traffic.
Each PC player is password-protected and managed by an admin account. All Windows updates and patches are installed automatically each week, and verified monthly by an admin. The digital signage software (built on MS .net framework) requires a username/password combination to open a hosted content database connection. The username and password (password requirement: eight-character-minimum must contain uppercase and lowercase letters as well as numbers) are managed by the admin account, and standard users cannot access this information. Content change deployments require admin user approval (admin must login in to view changes before transmission will begin), and external content is hosted on Amazon Web Services. The login to upload this content is by admin only, and the password requires a minimum of eight characters and must include uppercase and lowercase letters as well as numbers. Additionally, the computers that run our digital signage are not physically accessible; they are in secure communications closets or mounted in an inaccessible location.
Having a secure network is one of the many ongoing aspects of managing a digital signage network. Since technology continues to change and evolve, we have to monitor the above strategies on a regular basis and adjust our processes accordingly. Plan on making security one of the routine maintenance jobs for your network.