How do you maintain your digital signage network’s security?”
Our vendor’s cloud talks to a media bridge device located in our Data Center. The media bridge is behind two firewalls on campus. All sign players communicate with the media bridge via passive FTP, which means the bridge reaches out to them instead of the players looking for the bridge. All players are in a secure VLAN that can only be contacted from within our campus network, being isolated from all other campus network traffic. Also, the OS that runs the sign players is a crippled-down version of Linux Debian with very limited local capabilities. Within the vendor’s cloud, each department’s signs are only accessible by the users’ assigned permissions in that department, so a password breech would only affect that department’s signs.