December 10, 2021
— Rasmus Beck (CTO at Pronestor) & John Wang (CEO at IAdea)
Conference room touch screens, explosions, and network security
Conference room touch screens, room schedule displays, meeting room screens – no matter what you call them, they are an integral part of the meeting room environment, but do they pose a potential threat to your organization?
Outside every meeting room is a screen, and on that screen, you can easily find out when the room is booked, for how long it’s booked and if it’s available, you can often book the room directly from the screen.
However, with the emergence of room booking apps for iPads and other tablets the big screen war has begun. But which is the better option for your meeting room display screens? iPads with a meeting room display app or a dedicated conference room touch screen?
To answer that question, we need to look at it from two angles. First, we’ll look at the pros and cons to using a tablet versus a dedicated meeting room display, and after that we’ll look at the security issues related to any IoT device and why you need to consider the security aspects when you choose a conference room schedule display.
First, let’s talk about tablets
First off, we love tablets. It’s the perfect mix between smartphone and laptop. From binging Netflix on the couch to catching up on the news during the morning commute, in a pinch it can even be used as an alternative to a laptop during videoconferences.
Since Steve Jobs introduced the tablet to the world, it seems like every household has at least one, and that’s because they can be used for anything. Well, almost anything.
With the emergence of meeting room booking apps for consumer tablets such as iPads we’ve started to notice an issue. And that issue is, offices with consumer grade tablets mounted outside of meeting rooms. It’s not just an eye-sore, it’s down-right dangerous.
Consumer grade IoT devices (such as tablets) are often cheaper than their purpose-built counterparts, but they can also be disastrous to any workplace environment.
You need service for your tablets
The first thing you need to consider if you want to go the route of “iPad-with-meeting-room-booking-app” is quality of support. With purpose-built conference room schedule displays, what you really pay for, is the service level.
Your call for support will be answered in due time, and whoever answers your call will be adequately trained to handle your issue. That’s rarely the case with consumer grade hardware. In short, enterprise grade hardware includes enterprise grade support. It really is as simple as that.
Why tablets are bad meeting room booking screens
The fact that tablets aren’t purpose built, means that you will usually lack key features such as integrated physical access, PoE support and peripheral lighting, which are very much needed when you set up meeting room booking systems for larger organizations. Even if you could forgo those features to save some money, there’s the issue of battery-life and product lifespan.
The batteries in most consumer-grade tablets are created with a very specific purpose in mind. You charge your tablet over-night, and then you run down the battery over the course of the day. But the same isn’t true in an office environment. A conference room touch screen is most often attached to the wall and connected to a charger around the clock.
For a purpose-built conference room touch screen this isn’t a big ask, but for a for an iPad with a meeting room booking app, it can end up a hazard. Aside from using up a lot of power and causing the device to overheat, the batteries can expand and swell, which destroys the device in the process, and at worst it will result in an explosion.
Try explaining that to the fire department.
Cheap meeting room tablets can be a potential data breach waiting to happen
As if the threat of fire and potential explosions wasn’t enough, most consumer grade IoT devices aren’t equipped with a high enough level of security to withstand even small attacks, and this makes them an open invitation for data breaches.
While the risk of data breaches does increase for any organization that employs IoT devices, there are several ways to minimize that risk.
Security needs to be a part of the design phase of the products you employ
Most IoT security issues can be overcome by better preparation especially during the research and development phase. This is true for any IoT device from consumer- to industrial-grade. *
IoT security issues aren’t isolated to cheaper devices such as the iPad. In 2020 a Belgian PhD student hacked the IoT key of the Tesla model X series with a budget of just 195$. * And while they are more common on cheaper devices, you need to prioritize your IoT network security even when you choose the more expensive enterprise- or industrial grade IoT devices.
You need to increase your network security
Networks are probably the single biggest opportunity for threat actors to gain remote access to an organization’s IoT devices, and because networks are made up of both physical and digital components, IoT security procedures should address both.
Securing your IoT network should include:
- Ensuring port security,
- Disabling port forwarding and keep ports closed unless they need to be opened,
- Implementing the use of antimalware, firewalls and intrusion detection and prevention systems,
- Blocking unauthorized domain access,
- And ensuring all systems are fully patched and up to date.
Poor network security coupled with the inability of most consumer grade devices to withstand even mild attacks will leave your entire organization’s network at risk.
Choosing the right tablet for conference room schedule displays
As you have probably already guessed, we wouldn’t recommend that you use consumer grade tablets such as iPads for your conference room schedule displays.
The only reason for choosing consumer grade tablets for your conference room schedule displays is to reduce the overall cost, but whatever you save on choosing cheaper hardware, will be spent on support and repairs from third-party suppliers, because it isn’t included in the original price.
And while you could potentially implement them in such a way that the risk of fire and explosions were lessened thus reducing your need for support, the security issues related to IoT devices coupled with lax security of consumer grade tablets will turn into a nightmare for the people handling your IT security.
References
https://internetofthingsagenda.techtarget.com/definition/IoT-security-Internet-of-Things-security
https://www.computerweekly.com/news/252492564/Belgian-security-researcher-hacks-Tesla-with-Raspberry-Pi