Maintaining Cyber Security in IP Media Systems

Protecting media systems from hacking, malware and viruses are genuine concerns to every broadcast and production facility engineer. Unfortunately, antimalware protection software is seldom used on audio and video media systems because the two technologies often prove incompatible.

Cyber threats are one of the highest concerns to every IT professional. The engineers and technicians that repair and manage broadcast and production environments are equally concerned. Yet there remains a disconnect between the companies that supply media broadcast and production software and their customers. Software vendors in the media space often state their products do not support or are incompatible with antivirus and antimalware products. Moreover, there is reluctance in the antivirus industry to understand how to make their technologies work hand-in-glove with media systems. Once, when I pressed a vendor about lagging system performance and malware software, he replied, “It’s an intermittent problem.”

Remote Desktop Access

Cyber security is a multi-faceted issue even in a closed and protected media environment. There are many applications where users in the enterprise — open side — need access to applications and services on the closed side. Or outside produced content is brought on removable media and needs to be ingested. In addition, the cyber world is an evil place where bad people try to infect and cause harm to someone else’s system. How can a secure and protected environment be designed to support the specific operating conditions and requirements in the media environment?

There are a number of philosophical approaches to addressing this, but somehow it always circles back to the incompatibility of antivirus software and media applications. One of the biggest challenges and exposure risks comes through remote technical support. This requires opening a device to the internet and allowing a vendor access using remote desktop products like Team Viewer. 

One common problem is that a remote desktop will open an internet connection for troubleshooting or software upgrade, but then fails to close that path when the session ends. This can cause inadvertent issues if an application uses a browser interface. All links may become live or the browser interface now becomes an internet gateway that exposes the device and entire environment to possible infection and intrusion. While reminders to always close the session and exit the program may help, it’s probably better to have antivirus and anti-malware detection on the device.

Now is a good time to bring cloud into the discussion. As cloud services are embraced, the need to expose formerly walled gardens to the internet becomes a requirement. Firewalls and intrusion protection products provide a first-level barrier, however device-level protection is also needed. If the production applications are cloud based then the user workstation is fully open to the internet. Media networks require a constant data flow and any congestion or disruption can compromise a broadcast or production. As vendors move more of their products to the cloud, the need for device-level antivirus and malware protection will grow dramatically.

A Serious Conundrum

This is a two-sided problem. In one corner, we have software-centric media solutions, but they conflict with virus and malware solutions in the other corner. The antivirus people developed their solutions for a much larger and far more lucrative IT industry long before our markets adopted software-centric solutions.

Where is the Needed Solution?

Whether you subscribe to ST2110 or not, there are few broadcast and production devices, systems and services that are not software running on a computer in SDI, IP or file based.

The vendors need to acknowledge the seriousness of the situation and work with the antivirus and malware product vendors to find a solution. Moving to the cloud does not solve the problem. Content still needs to get into and out of the cloud. That means access. Some networks and large groups have dedicated bandwidth connections. However, there are many small and medium-sized producers, now adopting cloud services, without security.

I am currently dealing with both a network issue and application issue involving different vendors. On the network side, the appliance version of the vendor’s software product is having configuration challenges. On the application side, we had antivirus and antimalware products running with this network software. After the media software was updated, the system became unstable with the same antivirus/malware applications.

According to the media software vendor, it made no changes that could have caused the instability. The suggested remedy was to remove the antivirus and malware protection because the vendor had no plans to investigate any incompatibilities with the antivirus products.

Solve the Problem

There are plenty of bad actors in the cyber world and, for the most part, they are out maneuvering the good people. Cyber threats are real and may cause significant financial damage to businesses. Developing a solution to protect media production and distribution from outside attacks should be a paramount concern for all vendors. The media technology industry needs to open a conversation with the IT security industry, work together, and solve the incompatibility problems. There are no good reasons why media software and protection software cannot operate in harmony without introducing performance issues.

Editor’s Note: Gary Olson has a book on IP technology, “Planning and Designing the IP Broadcast Facility – A New Puzzle to Solve”, which is available at bookstores and online.

Let us know what you think…

Log-in or Register for free to post comments…

You might also like...

Essential Guide: Reality of IP

As broadcasters migrate to IP, the spotlight is focusing more and more on IT infrastructure. Quietly in the background, IT has been making unprecedented progress in infrastructure design to deliver low latency high-speed networks, and new highly adaptable business models,…

Viewpoint: Making The Multiscreen Experience Applicable For Multiple Customers

There is an unprecedented transformation occurring in the TV platform, from a rigid, linear TV experience to one of flexible fluidity in the OTT and multiscreen worlds. More than half of today’s TV viewers say they now watch their f…

Google Leaves RDK Trailing with Android TV Operator Tier

Android TV is finally being adopted on a large scale by pay TV operators three years after its launch and seven years on from the original unveiling of its predecessor Google TV. One casualty could be the RDK (Reference Design…

Com Hem Claims World First Major Android TV Operator Tier Deployment with Help from 3SS

Com Hem, Sweden’s largest cable operator, has revealed that Germany’s 3 Screen Solutions (3SS) played a key role in project development and systems integration for its TV Hub, a hybrid set top box (STB) based on Android TV. 3SS als…

Metadata Grinds Towards Unification and Automation

The arcane world of metadata has been enlivened by automation with the promise of efficiency savings in asset management and much richer labelling of content to enhance discovery. At the same time, there are hopes at last of the field…