24 de mar de 2021

How to safely use a USB device like a ClickShare Button in your network


Small USB storage devices are a very useful way of transferring large pieces of data from one device to another. Still, ever since they were introduced, USBs have been quite a huge threat to companies’ data security. They are easy to lose and steal, employees (or even a third party) can connect dubious or infected USBs to work computers, there can be malware on the flash drive... A simple device can cause serious breaches in the security of any network.

So, how can enterprises safely enjoy the benefits of the ClickShare Button in the workplace. Should your IT manager take additional security measures to assure safety, privacy and confidentiality in the company network?

To kickstart, we show you how we designed the Button with security in mind and share some best practices for employing USB in a company network, that are relevant for the ClickShare Button. Although we have built in a lot of security measures ourselves, it remains clear that data protection is a joint responsibility.

Establishing a safe connection between Button and ClickShare device

During the design and development of our wireless solutions, the focus on securing external risks is key. When developing the ClickShare Button, which is a USB device made for wireless content sharing and for a wireless connection to the AV peripherals in the meeting room, we made sure the connection between a ClickShare Button and a Base Unit is always secure.

  • Extensive threat modelling, the most powerful security engineering, results in a fully secure and reliable collaboration system.
  • The iconic Button has specific certificates, protocols and encryption mechanisms to transfer audio and video to and from the Base Unit.
  • It’s a USB device which can only be read by a laptop and that is updated through a secured pairing process using both Base Unit and Button.
  • And last but not least, our ISO27001 certification is also a good benchmark to be certain that a we, as product vendor, have the right skills, tools and processes in place to create and maintain secure products.
Your IT organization can take the following security measures

Of course, every IT organization has its own policies and standards in place, that apply to any solution and product in the company network, and we can only advise customers to keep their security standard high. When deciding to buy new technology, it is advisable to test whether the new solution is safe enough for your company networks.

Barco has put additional measures in place that allow you to verify the integrity of the ClickShare Button and App.

  • If you doubt the origin or trustworthiness of the ClickShare App on your Desktop or on the ClickShare Button, you check if the executable is signed by Barco (just right click in Windows). If this is not the case, do not launch the application and immediately contact your IT department or our Barco service desk.
  • The ClickShare Button comes with an auto-run ClickShare Driver for Windows which enhances its secure use. The driver is automatically downloaded and installed via the Microsoft Driver Store. It is signed by Barco and verified by Microsoft. This driver ensures:
    • you do not need to rely on autorun.inf configurations – which are standard disabled on Windows 7/8 and 10 and potentially could launch malicious software
    • the PID and VID of the ClickShare Button are correct before launching the App on the ClickShare Button
    • the App on the ClickShare Button is signed by Barco and it has a valid version number which is recent enough
And update, update, update

Make sure your company devices like laptops always have an up-to-date virus scan and virus definition. In case any malicious software would be launched from the Desktop it will immediately be captured and blocked by the virus scanner.

In addition, we advise customers to update ClickShare Base Units with the latest software every quarter and to regularly pair Buttons to their respective Base Units to keep units safe of vulnerabilities and bugs.

Discover more on ClickShare Security