AV Security Best Practices
Links to sources:
- Both Crestron Electronics and Kramer Electronics are underwriters of AVNation TV. For more information about our underwriting program click here.
- AVNation did reach out to Crestron for a spokesperson for this episode. They chose to respond in writing.
- Crestron’s statement on the Def Con hack and Wired article: “An article was published in Wired magazine late Friday regarding a presentation at the DefCon hacking conference in Las Vegas. The article and presentation described a hypothetical impact of an already corrected security vulnerability pertaining to some of Crestron’s products.In keeping with our commitment to security, we discovered potential issues and corrected them in May 2018 via a firmware update to all of our dealers and integrators.It is important to note that, in the hypothetical scenario outlined by the Wired article, that Authentication was not enabled on the tested Crestron devices. Authentication has been available for almost a decade on Crestron products and, when enabled, the scenario detailed in the article is not possible. In addition, the updated firmware we released in May eliminated any potential security risks.
Crestron considers the security of our products paramount. In fact, our products are built with the best security in the industry. Crestron sets the gold standard for network security by leveraging the most advanced technologies including 802.1x authentication, AES encryption, Active Directory® credential management, JITC Certification, SSH, secure CIP, PKI certificates, TLS, and HTTPS, among others, to provide network security at the product level. Quite simply, the Crestron security feature set is unmatched in the industry.