Thousands of companies across hundreds of industries, government agencies, universities, and more have standardized on Crestron products. They trust and rely on Crestron to make their lives simpler and work/ education environments secure. Central to that success is Crestron's unwavering commitment to network security. Simply put, "If it's on the network, it must be secure." Clients need to know who and what is on their network.
A secure system, of course, doesn't just happen. There are large number of considerations that need to be accounted for throughout the development process. Crestron allocates and dedicates resources to define the problem spaces and document the appropriate solutions.
Step 1 - Identifying risks that are applicable to the systems and identifying assumptions about the operating environment.
Step 2 - All source code is reviewed to ensure not only proper functionality, but also conformance to security guidelines.
Step 3 - Source code is subjected to scans using automated tools that review code for common errors and security holes.
Step 4 - A rigorous testing process is in place once the software/firmware is compiled and loaded into systems. Each night, the latest code is built and automated tests are run to ensure system stability. Included in these tests are standard network scanning tools to ensure there are no unauthorized ports, etc. which have been open.
Enterprise IT departments categorize devices that don't support these features as a security risk.