Approved for 1 CompTIA CEU: A+, Network+, Security+, and CASP; 1 GIAC CPE
NOTE: Please use the Kalia Tower elevators to access the Nautilus Suite for this session as exhibit breakdown in the Coral Ballroom/Lobby will have begun.
In most cases, an organization’s KVM and Video Routing systems are considered mission or business critical. These systems are typically deployed in areas that are core to the mission or business operation. They usually provide highly sensitive or very important content to users who are driving key organizational processes and making mission critical decisions. This is true whether the content is military intelligence, post-production video and audio, energy production control data, or video and audio from a live event, to name just a few examples. For these reasons, the security characteristics of KVM and Video Routing systems are of paramount concern. This session reviews the industry’s current understanding of the security threat, and then explores best practices for designing KVM or Video Routing systems to ensure the security of the content, as well as the operation of the system itself.
Five key design criteria are discussed:
1. The system architecture should physically secure and separate the target of the attack (content or system operation) from the threat: people.
2. The technologies used in the system should eliminate the ability to attack from a distance; that is, sniff or eavesdrop on the system.
3. The system should allow the administrator to closely manage and control access in accordance with the organization’s security policies.
4. The system should automatically and continuously monitor for and identify breaches.
5. The system should be resilient; that is, it should be designed to not only withstand an attack, but also recover quickly following one.
Additionally, multi-domain video teleconferencing systems have become the norm in the DoD environment. A portion of this class will be dedicated to discuss DISA Periods Processing requirements and its implications when installing an integrated solution controlled by a room control system along with the “Do’s and Don’ts” regarding Information Assurance when implementing these systems.