The secret life of control rooms: How audit logging is changing the game

Whether used in traffic, manufacturing, energy, or any other market, control rooms monitor and manage certain activities. But who is monitoring them? Not necessarily to control them, but to learn, to see which actions were taken, if there were malicious interventions, etc. Imagine having a digital time machine that records every button press and every decision. That's exactly what Barco CTRL 1.7's new audit logging feature brings to the table!

Just like aircraft have black boxes to record flight data, control rooms need their own version of this crucial technology. Enter audit logging – your control room's very own digital historian. Every time someone logs in or makes a critical decision, it's there, quietly taking notes.

Barco CTRL’s cybersecurity method is based upon the “triple A story”: Authentication, Authorization, and Accounting.

1. Authentication - The "Who are you?" guardian. Think of it as the bouncer at an exclusive club, checking IDs before letting anyone in. Whether it's through passwords, fingerprints, or multi-factor authentication, it makes sure only the right people get through the door. In addition to user authentication, AAA also includes mechanisms for authenticating devices and systems, preventing unauthorized devices from connecting to the control room network.
    
2. Authorization - The "What can you touch?" manager. Like a parent setting boundaries for kids in a candy store, it decides what each person can and can't do once they're inside. It ensures that individuals have permissions appropriate to their roles, limiting access to critical systems and information based on job responsibilities.
    
3. Accounting - The "What did you do?" recorder. The silent observer that keeps track of everything, like a meticulous detective taking notes at a crime scene. This is where audit logging comes in. These logs provide a comprehensive audit trail, aiding in the detection of suspicious behavior and facilitating forensic analysis in the event of a security incident. 
    
   CTRLsystem administrators can now configure an external syslog server for audit events. These audit events include operator actions from CTRLdesk and Identity and Access Management (IAM) user/admin actions, however no audit events will be stored in Barco CTRL.

In today's world, cybersecurity isn't just some fancy buzzword - it's as essential as locking your front door at night. With audit logging, you get:

• An early warning system for suspicious behavior

• A digital detective that can reconstruct incidents

• A way to prove who did what and when 

No less than 34% of critical infrastructure organizations cite human error as the leading cause of cloud-based data breaches. Additionally, 75% of the cyberattacks in 2024 used to gain initial access, were malware-free. This means they did not use the expected “wizz-kid behind a computer” we know from Hollywood movies, but exploited humans through credential phishing and social engineering. In other words, someone accidently let a malicious subject in. Being able to see & track the actions of operators is therefore very important.

Remember when your parents said "because I said so"? Well, now governments worldwide are saying the same thing about audit logging. From the NIS2 Directive to NERC-CIP, regulations are popping up faster than smartphone updates. But don't worry – Barco CTRL release 1.7 has got you covered, keeping you on the right side of the law while making your control room safer than ever.

So there you have it: audit logging might sound as exciting as watching paint dry, but in reality, it's your control room's superhero, working 24/7 to keep everything running smoothly and securely. Welcome to the future of control room operations, where every action counts and nothing goes unnoticed!

Multihead Remote Desktop Protocol (RDP) sources 

CTRLsystem administrators can now configure multihead RDP sources (supporting up to 16 displays, landscape/portrait mode & custom resolutions). A source instance will automatically be created per head. 

Wake up encoder sources 

If a source connected to an NGS-D440 goes to sleep, and an CTRLdesk operator has interactive permission, a mouse event from CTRLdesk will wake up the source. 

Source names on walls 

From within CTRLwall it is now possible to show the source name of a source on a videowall. By default, the source names are not visible. 

More information can be found in the release notes; www.barco.com/ctrl-whatsnew  or www.barco.com/ctrl  

Want to learn more about how Barco CTRL release 1.7 can transform your control room? Drop us a line - we promise not to log that conversation!