In a press release issued earlier today, Proofpoint (NASDAQ:PFPT) “announced the availability of Proofpoint Cloud Account Defense (PCAD) to detect and proactively protect Microsoft Office 365 accounts, preventing attackers from causing financial and data loss.”
So What Does This Have To Do With The Folks In AV Land?
Back when I was an audio/video installer (cue the instrumental music), a well-known manufacturer of AV racks would use a handful of key codes for the locking doors on the front and rear of the AV racks. Once an installer had the basic set of keys, he or she could basically unlock any AV rack made by that manufacturer. This was very helpful when troubleshooting AV racks, because the keys were often lost by clients.
Since the AV Rack enclosure keys were so common, they were more of a theft deterrent, and provided no way of truly stopping the theivery, nor was there any trace left behind indicating that someone had unlocked the front or back door.
Many AV integrators will add “security screws” which only prevent someone who was not smart enough, or just plain too lazy, to buy the associated security bit/driver. I remember some of my former coworkers taking it a step further, and hammering the mounting screw posts down until they were bent, just to stop another contractor who kept removing the integrator’s 1RU vanity plate.
About 15-20 years ago, some higher-education IT departments were the first groups that I saw to utilize the LAN ports on the data projectors for security purposes. They would ping the projectors once every minute or so, and if for some reason the projector did not respond, an email was automatically sent to the campus police department, telling them a projector thief may be in such and such room. If the police department was quick enough to respond, they might catch them in the act.
*Cough-cough* It’s All About Convergence *Cough-Cough*
Nowadays, AV rack keys and walking projectors are the least of our worries. As stated in today’s Proofpoint press release, “Cybercriminals have pioneered a new way to compromise corporate email systems, this time by using brute force attacks to steal Microsoft Office 365 login credentials of corporate users and then logging in as an imposter on the system. These new hacking techniques work even if the company has deployed single sign on or multi-factor authentication (MFA) as part of their security system. Once the hacker has logged in masquerading as a real employee, they have a wide spectrum of choices while operating within a corporation’s email instance to cause financial harm and data loss.”
Just as AV has fully converged with IT, so have our security concerns for both hardware and software. We don’t just sell projectors, flat panels, speakers, and AV racks, we sell cloud-based software solutions like Skype For Business, which will soon be a part of Microsoft Teams. Users use single-sign on or multi-factor authentication to access our conferencing and presentation systems, and collaborate with others in the cloud. We install tablet-style room reservation systems that work with Active Directory and company-wide scheduling systems like Microsoft Outlook and Exchange Server.
Having a compromised O365 account is like having a key to every AV system on the network, as well as valuable data stored in the company cloud. If our AV systems rely on a secure network, single sign-on, and active directory, then AV manufacturers, consultants, and integrators all need to be made aware of the inherent security risks. Integrated system components need to be fully vetted on test networks that use O365 and Proofpoint’s Cloud Account Defense (PCAD) or similar cloud-security solutions, so that there are no surprises when the systems are brought online. We need to go the extra mile, and “hammer down the screw posts” of AV/IT cyber-security, so-to-speak. Constant vigilance!
For more information on Proofpoint’s Cloud Account Defense solution, click here.
If you enjoyed this article, you might also be interested in these similar posts: