Security by design: how Barco CTRL is built on a secure foundation

Control rooms are the central intelligence hubs of organizations. In many cases, they manage critical installations or infrastructure. So, it is logical that they must uphold the highest level of cybersecurity. Consider them the digital equivalents of Fort Knox. At Barco, we have always paid attention to security, but for Barco CTRL this was the foundation on which the platform was built. 

Control rooms are not islands. They are a part of the network, connecting with their many content sources. This means that there are interfaces with the outside world, and where cybercriminals see a gateway, they smell an opportunity. It is the task of the platform designers to fight off any intruder, and this can only be achieved by a thought-through design that leaves nothing to chance. This must be done without interrupting the intuitive operation for the users. They need to securely connect to their sources, from any location, and interact with the content on any video wall or operator desk.

Security by design

Cybersecurity has changed drastically over the years. Where in the past it was more seen as an additional requirement, it has evolved to be the essential foundation of the system. For Barco CTRL, we meticulously followed the Security by Design principles. This means its design is based on security, and this is reflected in every step – with an ambitious security roadmap in place. 

Additional best practices (e.g. ‘Shift Left’), were all applied in the creation of Barco CTRL, making it a full-featured solution that can even be trusted in the most secure critical environments. 

Concepts of our security philosophy

The security architecture of Barco CTRL is based on a number of clearly defined concepts. Upholding all these steps results in the highly secure system users expect and trust.

1. Identity management: Ready to be deployed in zero trust policy environments, upholding authentication and authorization.
2. Communication protection: Certificate-based and using TLS1.2/1.3 for authentication, confidentiality and integrity.
3. System protection: Full 360-degree protection, from booting, communication and storage, to system updates.
4. Audit logging: Building audit trails for full accountability.
5. Media protection: Protect media content in transit.

From a trusted, established provider

Barco CTRL’s foundation is secure. And we tend to keep it that way, by staying ahead and complying with all emerging cybersecurity regulations. We have a dedicated in-house product security team to be at the forefront of any evolutions and changing regulations and legislations. Updating the complete system is a matter of minutes, so rolling out a security update is very swift.

As an established provider for the control rooms industry since more than 3 decades, Barco is also a trusted partner. We created Barco CTRL as a future-proof platform that we will continue to support. In this way, we make sure you get the most out of your investment.

Fully featured to prevent downtime 

Making a platform secure also means it is reliable. That is why all possible measures were taken to prevent any possible downtime. Redundancy options for all critical components make sure that even in the unlikely event a hardware device fails, a spare will take over and the system will continue to work seamlessly. Also on the software side a lot of measures were taken to keep the system running. For example, on the server all services run in containers. One service malfunctioning does not take down the complete system. The same occurs in the decoders, where one source can never prevent the complete hardware device working. Coupled with excellent health monitoring, the result is a platform that has the best possible uptime.

Would you like to know more about Barco CTRL in general, or its security features in particular? Then don’t hesitate to contact us!