September 25, 2020
5 min read
When it comes to digital signage, one of the most often overlooked components is connectivity. While many might consider a traditional Wi-Fi network will be enough, there are often critical security issues and compliance issues.
No one wants to install a display only to find out that there is a critical security flaw that allows hackers to hijack the display, or to discover that a provider won't permit digital signage traffic on their network.
To get a better handle on this topic, Digital Signage Today spoke with Brian Kirkendall, VP product management at Digi International, on handling connectivity and security.
Q. What are some major issues with digital signage, particularly connectivity?
A. There are several factors that are shaping the market for digital signage. First, the industry has a surprisingly rigorous regulatory framework. Vendors must meet strict standards for reliability and security while building a strong reputation. Digital signage providers must also provide public service announcements and emergency messaging (e.g. Amber Alerts, weather alerts). Cost is also an important consideration, particularly with installation across decentralized footprints. Airtight security is a critical issue. Devices must be thoroughly tested and to prevent embarrassing breaches (e.g. unsavory images on subway trains or on highway billboards).
On a more technical level, signs must be ruggedized to withstand the vibration of transit deployments or extreme weather conditions. A digital sign's power draw can be significant. Electric utilities want to monitor power (for example, CT meter), which may necessitate additional connectivity.
When you're looking at connectivity, you have to look at costs. Early installations that relied on wired LANs and landline installations were terribly expensive, easily hitting hundreds of dollars per month per sign. And landlines can take weeks or months to install. Logically, vendors tried to adopt existing Wi-Fi networks as an easy, cost-effective solution. But quality of service quickly became an issue because those internet connections simply aren't reliable, especially in high-traffic locations where you get overloads, disconnects, frequent timeouts and drops. Security can also be problematic, with many companies simply refusing to permit digital signage traffic on their networks. This is particularly true for PCI-compliant retailers.
Q. What are some technologies that can improve digital signage connectivity?
A. In previous years, many companies used satellite (dish) connections for their digital signs. However, simply finding a feasible location to install a dish proved problematic in many instances. Reliability and cost were also factors.
More recently, many providers are adopting cellular connections in a "bring your own network" style, which is an ideal solution, for several reasons. First, cellular routers are easy to install and, since they're compact, can be positioned almost anywhere for optimal reception. Most routers install in less than an hour. What's more, sign operators can remotely switch cellular carriers for optimal signal strength to minimize downtime. Remote monitoring and optimization of the router-to-tower cell connection can help ensure maximum up-time. Owners can also reboot digital signs and remotely diagnose issues with sign infrastructure.
Cellular connectivity also means you can update the content in digital signs – immediately and at low cost. Truck rolls are minimized and there are no more USB drives to mail out (with all the costs and security concerns surrounding that method of content deployment). Everything is updated simultaneously, securely and more frequently.
In these instances, we're talking about routers, and not just modems. Industrial and enterprise cellular routers are highly sophisticated devices with stateful firewall capabilities to reconcile incoming data with outgoing requests and protect themselves against the same intrusion methods that any corporate data center might endure. Conversely, modems are unintelligent devices with no real enterprise security capabilities. These devices simply pass data from A to B without any further consideration, and this can lead to a high degree of vulnerability.
Q. Should digital signage end-users consider 5G? Why or why not?
A. We think 5G is an amazing new technology that may one day revolutionize the communications landscape, but it's important to recognize that we're currently at the starting line. Due to the short distances between 5G cell towers, this technology is currently only available in the most densely occupied urban spaces. In general, the bandwidth and latency gains from 5G aren't necessarily required for digital signage solutions. What's more, 5G is only being delivered at the highest possible speeds right now, so lower-bandwidth applications don't make much economic sense. The exception might be scenarios involving extremely large, high-resolution, streaming or video content that must be updated frequently.
Cellular technologies generally follow a life cycle of about 20 years, so we can reasonably expect 4G LTE to be available and effective for another 10 years. As such, most signage operators will want to rely on LTE a bit longer until 5G is more broadly deployed and we begin seeing greater economies of scale. In their place, we're seeing strong uptake in other complementary technologies like AI and machine vision that allow media companies to identify the demographics of a specific viewer, tailor content accordingly, and generate more meaningful impressions. Edge compute capabilities are also providing the ability to deliver highly relevant, localized content in real-time based on the location, weather, and audience.
Q. What are major security risks with digital signage?
A. Today, the biggest risks we're seeing involve outside entities seizing control of a billboard or sign. These hacks can involve stealing digital assets or displaying unauthorized text and images. Of course, let's also realize that there is much more at stake than just having inappropriate content on a public sign. Distributed denial of service attacks can shut down an entire signage network. In other cases, hackers steal bandwidth, leaving you with inflated data-usage bills.
Losing control of digital assets can result in contract issues and SLA violations, billing disputes, lawsuits, reputational damage and more. This is why it is so critical for digital sign companies to make security a primary element of the field communications infrastructure. Security issues might come from different directions, it can be as simple as using the same password across a fleet of devices, or it might involve use of out-of-date software or missing security patches. Sometimes it even entails gaps in physical security.
Q. How can cellular technologies improve security?
A. First, of course, you need to ensure that the cellular routers you employ in the field offer a comprehensive enterprise feature set. But it's also critical to leverage a centralized security and management platform. The best options include security extensions like active monitoring of device-configurations to detect if changes have been made (intentionally or accidentally). You don't want routers that no longer conform to the prescribed configuration.
Some other things we like to see include "secure boot," so you can validate that firmware on the device is approved by the manufacturer, and protected hardware ports to prevent unwanted local (on-site) intrusions. Data authentication and device-identity management offer additional security. And work with your manufacturer to ensure that their products don't ship with default user and password settings. An array of encryption protocols for data and over-the-air transmission will also ensure the integrity of data flowing across the network.
Finally, leverage a quality configuration management platform to quickly detect unauthorized changes and send active alerts to the appropriate IT resources, while also remediating devices in the background so business can continue as usual. The right management platform can also monitor cellular-device performance and up-time data to help ensure connection reliability and appropriate data consumption. You should also be able to schedule mass firmware updates and security patches to groups of devices.
A combination of these strategies provides excellent security for digital signage on cellular networks.
This article was written by Bradley Cooper from Digital Signage Today. News Features and was legally licensed through the Industry Dive publisher network. Please direct all licensing questions to email@example.com.