Data encryption: secure your digital signage campaigns
June 19, 2024
At Disign, security is at the heart of our concerns. With the new version of our operating system, Disign OS, we are introducing several advanced security features, including data encryption for the player.
This feature allows you to encrypt the data related to your digital signage campaigns, ensuring optimal protection in environments where information security is critical.
Why encrypt your campaign data?
Data encryption becomes essential when your digital signage content is displayed in environments where confidentiality is crucial. While this option may seem redundant for public displays such as digital screens, LEDs, or totems, it becomes significantly important in a corporate setting, particularly in offices or sensitive sectors where the content should only be visible to authorized personnel.
For example, internal videos, confidential documents, or login credentials for services like PowerBI or Google's Looker Studio, used to display custom dashboards containing sensitive data, may require additional protection. In these cases, encryption becomes a necessity to prevent information leakage.
Understanding the risks of attacks
The main risk arises if a malicious individual manages to steal one of your players. Without encryption, this attacker could attempt to extract the sensitive data stored on the player, jeopardizing the security of your information.
How to activate data encryption on Disign OS?
Activating data encryption on your Disign OS player offers two options for security key storage:
Storage on the player: The security key is stored directly on the player. This mode allows for offline operation as the player can decrypt the data after a restart. However, it provides a lower level of security, as the key could be recovered if the attacker has access to the player.
Cloud storage (recommended): The security key is stored in the Cloud Disign. It is only accessible from authorized IPs that you have predefined. This method ensures maximum protection, preventing the attacker from decrypting the data if they are outside your network. The downside is that the player requires a network connection to retrieve the key, making offline mode impossible in this case.
Towards enhanced security with next-generation players
Currently, our players based on Raspberry Pi do not have a TPM (Trusted Platform Module) chip, a component that would allow integrating the encryption key directly into the microprocessor. However, we are already working on a new range of higher-end players equipped with TPM and RTC (Real-Time Clock) modules to offer even more robust security and improved performance for heavier and more complex applications.
These new players, still powered by Disign OS, will benefit from OTA updates (Over The Air), ensuring continuous security and optimal performance.
Conclusion
Data encryption is a cornerstone of security for your digital signage campaigns. With Disign OS, you have the choice between different key storage options to tailor security to your specific needs. Whether you opt for storage on the player or in the cloud, Disign OS ensures the protection of your most sensitive information.
The new generation of Disign players, with TPM and RTC, promises to be an ideal solution for companies concerned with the security and performance of their digital signage.
Protect your data, stay secure, and continue to trust Disign for your digital signage needs.