
The Digital Signage Insider
WireSpring's blog featuring tips and analysis from a team of industry experts

Securing your Interactive Kiosks and Digital Signs

Author: Bill Gerba on 2005-02-15 00:46:03

After reading this article on kiosk security over at Kiosk Marketplace, I felt compelled to fill in a few missing details that might make people think the wrong things about securing their public-facing digital terminals. First, the good: obviously, the things mentioned in the article, like anti-virus, spyware detection, session timeouts and encrypted sessions are all very important. Any kiosk software that can't handle these basic premises shouldn't be considered for projects that require Internet connectivity or private data collection. However, these items are the very basics – the tip of the kiosk and digital signage security iceberg, if you will.

The fact is that most security problems will come from one of two sources: illegitimate network traffic and physical compromise. While the former gets the most press (and is, by any measure, the fastest medium for mischief transmission), the latter is important too, and a bit easier to secure against, so that's what I'll start with.

Physical Security
Ask any computer security specialist and they will be sure to tell you that physical access is the most overlooked element in most security plans. Corporations will spend millions on firewalls, intrusion detection devices and high-priced security consultants, but will often take physical security measures for granted. Consequently, it often comes as a great surprise to them when a disgruntled employee walks off with a hard drive full of customer data. Physical security needs to be job one for these organizations, and this is even more true for anybody working with interactive kiosks or digital signs. The computers powering these devices need to be locked down (inside a locking cabinet or physically chained to something) as a first measure to prevent data theft. While all of those tool-less cases and thumbscrews seem like a really cool idea (and they are when used in a controlled, secure environment), out in public they are the only things standing between your hard drives and the crook who wants them. A tough steel enclosure and a few drops of Loctite on all case screws are a good deterrent to the casual thief. And if you can, store your entire CPU in a safe, secured place. Out of sight, out of mind, after all :)

Device-level Security
Assuming that you've done what you can to ensure the physical security of your kiosk CPUs and digital signage players, the next thing to consider is device-level security. The first place to lock down your system is at the BIOS level. After configuring your systems, make sure to password-protect them to prevent unauthorized changes in the field. Next, turn your attention to the operating system itself. How should you go about locking that down? In the interactive kiosk world this duty is typically handled by your kiosk software platform. This software will do things like preventing CTRL-ALT-DEL from rebooting your computer and stopping unauthorized users from mucking about with system settings. But what about digital signage software? I was surprised to find out that many of these packages don't have any kind of security features at all. That's right... walk right up to many digital signage players and plug in a keyboard and mouse, and that's all you need to access the system. With a few clicks you can shut down the signage software and start surfing the Internet (or whatever else you want to do). If you're using a signage platform that lacks security features out-of-the-box (especially in Microsoft Windows), you'll need to take some extra steps and install some additional software to prevent this kind of tampering. If you're using an appliance-based solution you're probably better off than the Windows-based folks, but you should double-check with the device manufacturer. If you're running FireCast digital signage software, you're in good shape, since it uses the same locked-down Linux operating system as our interactive kiosk software.

Network Security
Last, but certainly not least, is network security. If you don't take network security seriously, you're going to get burned. Badly. Don't believe me? Then maybe you should talk to the dozens of customers that have come to WireSpring after finding that their insecure Windows-based platforms were compromised by viruses, trojans, and spyware. Some of these machines were turned into "zombies" and used to mail out spam messages. Others were reconfigured to display inappropriate content. And the fact that the Kiosk Marketplace article on kiosk security doesn't really cover this vital area is terrifying. Ok, they talk about VPNs and "secure transactions" a little bit, but they don't mention anything about public vs. private IPs, network address translation (NAT), hardware and software firewalls, port blocking, or turning off network services that aren't being used (even Microsoft has started to figure out this last one, and they're not exactly known for being a paragon of security).

Final notes
There are two things to keep in mind while thinking of all this. First, no system is totally secure. If somebody wants it badly enough, they're going to find a way in. But second, it's usually pretty easy to secure your systems to the point where most people won't bother trying to break in. Here are a few simple steps that you can take to help improve your network security:
  • If possible, don't hook your kiosks or digital signs up to publicly-addressable IPs. Instead, use a router and hardware firewall to provide basic perimeter security.
  • Turn off all unneeded network services (like file/print sharing for Windows, or Samba and miscellaneous servers for Mac OS X and Linux).
  • Disable listening on unused ports. Even better, use a remote management package that uses "client pull" technology and disable listening on all ports (FireCast does this for you).
  • Use SSL for any critical network traffic. If you're doing any kind of live transactions, I shouldn't have to tell you this.
  • Don't use proprietary, vendor-specific file formats. If you use interactive QuickTime movies, or the bug-ridden Microsoft WMV/Media Player system, you're asking for trouble. One of these days somebody is going to slip you a file that will take over your system. Use open formats like MPEG-2 and MPEG-4 instead, and rely on your kiosk/signage software platform for doing things like clickthroughs.
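
One way to check the first three items on a Linux-based player, as an added example that is not from the original article or from WireSpring: a Python audit that reads a socket table in /proc/net/tcp format, reports every listener reachable from the network, and flags any publicly routable local address. The sample table and the function names are constructed for illustration, and the address decoding assumes a little-endian host (x86 or typical ARM).

```python
import ipaddress

LISTEN = "0A"  # TCP_LISTEN state code used in /proc/net/tcp

# Constructed sample in /proc/net/tcp format, not captured from a real player.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002
   2: 00000000:01BD 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003
   3: 0A01A8C0:C350 057100CB:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 1004
"""

def decode(hex_endpoint):
    """Turn '0100007F:0277' into (IPv4Address('127.0.0.1'), 631)."""
    hex_ip, hex_port = hex_endpoint.split(":")
    # The kernel prints the address as a native-endian word, so the bytes
    # are reversed on a little-endian host (assumed here); the port is not.
    ip = ipaddress.IPv4Address(bytes.fromhex(hex_ip)[::-1])
    return ip, int(hex_port, 16)

def sockets(table):
    """Yield (local_ip, local_port, state) for each row, skipping the header."""
    for line in table.splitlines()[1:]:
        fields = line.split()
        if len(fields) >= 4:
            ip, port = decode(fields[1])
            yield ip, port, fields[3]

def exposed_listeners(table, allowed_ports=frozenset()):
    """Listeners not bound to loopback and not on the allowlist.

    Outbound connections, such as a "client pull" session, are not in
    the LISTEN state and are never reported.
    """
    return [(str(ip), port) for ip, port, state in sockets(table)
            if state == LISTEN and not ip.is_loopback and port not in allowed_ports]

def public_local_addresses(table):
    """Local addresses that are publicly routable, i.e. not behind NAT."""
    return {str(ip) for ip, _, _ in sockets(table) if ip.is_global}

if __name__ == "__main__":
    for ip, port in exposed_listeners(SAMPLE):
        print(f"listening on {ip}:{port}: disable the service or firewall the port")
    for ip in sorted(public_local_addresses(SAMPLE)):
        print(f"local address {ip} is publicly routable: move the player behind NAT")
```

On a real player, pass the contents of /proc/net/tcp instead of SAMPLE; IPv6 sockets live in /proc/net/tcp6, which uses a different address encoding and is not parsed here.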
Now I certainly don't proclaim this to be the end-all of security lists, but it's a good start, and a much needed extension of the Kiosk Marketplace article. Take security seriously, and plan it in from the beginning of your kiosk or signage project, and you will be rewarded with a robust network that is highly resistant to problems and tampering. I also don't want to scare people into thinking that it's impossible to run a well-secured network. With some planning, a few ground rules, and a healthy dose of common sense, it can be done. As always, if you have any questions, feel free to ask us.

Comments (1)


2011-08-05 How do you pitch IT on Digital Signage technology? writes:
...This is a great question. I have two primary inputs:

First, whenever possible don't start with the IT group. Get buy-in from another major group (sales, merchandising, ID, whatever), and use that as leverage when it comes time to face IT. Second, identify those things most likely to be important to IT (security, ease-of-support, management options, etc.) and study up on your answers before your first meeting. A few links highlighting some of these thoughts:

Selling Digital Signage Players: The Magician and the Technician
http://www.wirespring.com/dynamic_digital_signage_and_interactive_kiosks_journal/articles/Selling_Digital_Signage_Players__The_Magician_and_the_Technician-775.html

Selling Digital Signage: Is it a Luxury, a Commodity or Both?
http://www.wirespring.com/dynamic_digital_signage_and_interactive_kiosks_journal/articles/Selling_Digital_SignageIs_it_a_Luxurya_Commodity_or_Both_-768.html

3 Ways That Pro AV Dealers Can Sell More Digital Signage Systems
http://www.wirespring.com/dynamic_digital_signage_and_interactive_kiosks_journal/articles/3_Ways_That_Pro_AV_Dealers_Can_Sell_More_Digital_Signage_Systems-801.html

Securing your Interactive Kiosks and Digital Signs
http://www.wirespring.com/dynamic_digital_signage_and_interactive_kiosks_journal/articles/Securing_your_Interactive_Kiosks_and_Digital_Signs-212.html

Choosing the Best Digital Signage Providers: SaaS vs Self-Hosted
http://www.wirespring.com/dynamic_digital_signage_and_interactive_kiosks_journal/articles/Choosing_the_Best_Digital_Signage_Providers__SaaS_vs_Self_Hosted-729.html...


LEGAL STUFF: The Digital Signage Insider is written by multiple authors. The author of each article is clearly identified at the start of the article. The opinions expressed in each article are solely those of the author, and do not reflect the official opinions of WireSpring Technologies, Inc. All articles are copyright © 2004-2012 by their respective author. All content besides the actual article text, e.g. surrounding branding and informational content, is copyright © 2000-2012 WireSpring Technologies, Inc. All rights reserved. Except as provided in WireSpring's Republishing and Syndication Policy, no articles may be reproduced, in whole or in part, without WireSpring's express written consent.

