Maintaining Cyber Security in IP Media Systems

Protecting media systems from hacking, malware and viruses are genuine concerns to every broadcast and production facility engineer. Unfortunately, antimalware protection software is seldom used on audio and video media systems because the two technologies often prove incompatible.

Cyber threats are one of the highest concerns to every IT professional. The engineers and technicians that repair and manage broadcast and production environments are equally concerned. Yet there remains a disconnect between the companies that supply media broadcast and production software and their customers. Software vendors in the media space often state their products do not support or are incompatible with antivirus and antimalware products. Moreover, there is reluctance in the antivirus industry to understand how to make their technologies work hand-in-glove with media systems. Once, when I pressed a vendor about lagging system performance and malware software, he replied, “It’s an intermittent problem.”

Remote Desktop Access

Cyber security is a multi-faceted issue even in a closed and protected media environment. There are many applications where users in the enterprise — open side — need access to applications and services on the closed side. Or outside produced content is brought on removable media and needs to be ingested. In addition, the cyber world is an evil place where bad people try to infect and cause harm to someone else’s system. How can a secure and protected environment be designed to support the specific operating conditions and requirements in the media environment?

There are a number of philosophical approaches to addressing this, but somehow it always circles back to the incompatibility of antivirus software and media applications. One of the biggest challenges and exposure risks comes through remote technical support. This requires opening a device to the internet and allowing a vendor access using remote desktop products like Team Viewer. 

One common problem is that a remote desktop will open an internet connection for troubleshooting or software upgrade, but then fails to close that path when the session ends. This can cause inadvertent issues if an application uses a browser interface. All links may become live or the browser interface now becomes an internet gateway that exposes the device and entire environment to possible infection and intrusion. While reminders to always close the session and exit the program may help, it’s probably better to have antivirus and anti-malware detection on the device.

Now is a good time to bring cloud into the discussion. As cloud services are embraced, the need to expose formerly walled gardens to the internet becomes a requirement. Firewalls and intrusion protection products provide a first-level barrier, however device-level protection is also needed. If the production applications are cloud based then the user workstation is fully open to the internet. Media networks require a constant data flow and any congestion or disruption can compromise a broadcast or production. As vendors move more of their products to the cloud, the need for device-level antivirus and malware protection will grow dramatically.

A Serious Conundrum

This is a two-sided problem. In one corner, we have software-centric media solutions, but they conflict with virus and malware solutions in the other corner. The antivirus people developed their solutions for a much larger and far more lucrative IT industry long before our markets adopted software-centric solutions.

Where is the Needed Solution?

Whether you subscribe to ST2110 or not, there are few broadcast and production devices, systems and services that are not software running on a computer in SDI, IP or file based.

The vendors need to acknowledge the seriousness of the situation and work with the antivirus and malware product vendors to find a solution. Moving to the cloud does not solve the problem. Content still needs to get into and out of the cloud. That means access. Some networks and large groups have dedicated bandwidth connections. However, there are many small and medium-sized producers, now adopting cloud services, without security.

I am currently dealing with both a network issue and application issue involving different vendors. On the network side, the appliance version of the vendor’s software product is having configuration challenges. On the application side, we had antivirus and antimalware products running with this network software. After the media software was updated, the system became unstable with the same antivirus/malware applications.

According to the media software vendor, it made no changes that could have caused the instability. The suggested remedy was to remove the antivirus and malware protection because the vendor had no plans to investigate any incompatibilities with the antivirus products.

Solve the Problem

There are plenty of bad actors in the cyber world and, for the most part, they are out maneuvering the good people. Cyber threats are real and may cause significant financial damage to businesses. Developing a solution to protect media production and distribution from outside attacks should be a paramount concern for all vendors. The media technology industry needs to open a conversation with the IT security industry, work together, and solve the incompatibility problems. There are no good reasons why media software and protection software cannot operate in harmony without introducing performance issues.

Editor’s Note: Gary Olson has a book on IP technology, “Planning and Designing the IP Broadcast Facility – A New Puzzle to Solve”, which is available at bookstores and online.

You might also like...

HDR & WCG For Broadcast: Part 3 - Achieving Simultaneous HDR-SDR Workflows

Welcome to Part 3 of ‘HDR & WCG For Broadcast’ - a major 10 article exploration of the science and practical applications of all aspects of High Dynamic Range and Wide Color Gamut for broadcast production. Part 3 discusses the creative challenges of HDR…

IP Security For Broadcasters: Part 4 - MACsec Explained

IPsec and VPN provide much improved security over untrusted networks such as the internet. However, security may need to improve within a local area network, and to achieve this we have MACsec in our arsenal of security solutions.

Standards: Part 23 - Media Types Vs MIME Types

Media Types describe the container and content format when delivering media over a network. Historically they were described as MIME Types.

Six Considerations For Transitioning To Cloud Based Video Distribution

There are many reasons why companies are transitioning from legacy video distribution workflows to ones hosted entirely in the public cloud, but it’s not a simple process and takes an enormous amount of planning. Many potential pitfalls can be a…

IP Security For Broadcasters: Part 3 - IPsec Explained

One of the great advantages of the internet is that it relies on open standards that promote routing of IP packets between multiple networks. But this provides many challenges when considering security. The good news is that we have solutions…