Remote video access is pretty much a given nowadays. Most every business owner wants to be able to monitor what goes on inside their operation, even when they are not on site. They want to see what is happening in real time and also be able to go back and view the recorded video — all from their smartphone. But what they surely do not want is for hackers to use that remote access to penetrate their networks and steal company data. Unfortunately, many small businesses don’t give much consideration, if at all, to securing access to their remote video.
The challenge isn’t about making remote access possible. It’s about making it secure, and doing it easily. Even though network cameras and DVRs generally operate behind routers and firewalls, they still need additional protection against malware and brute force attacks. This is especially true if the surveillance system is being accessed over a public cellular network.
Security precautions are everyone’s responsibility, from the end user to device manufacturers to the installing security contractor. It’s your job to provide the cybersecurity expertise. Know what cybersecurity features are inherent in the surveillance system components you install — from the cameras and video recorders to the video management systems and servers. Then make sure you turn those hardening features on.
Following are three other keys to cyber hardening:
• Implement multiple levels of authentication through digital certificates to establish secure peer-to-peer communication between your customers’ remote mobile devices and their surveillance system.
• Activate 802.1x network port-based security to prevent a camera port from being hijacked by another device.
• Encrypt the data stream with HTTPS or SRTP encryption to keep the video from unauthorized eyes.
As the project integrator, it’s up to you to impress upon your end customers the importance of changing default usernames and passwords before connecting devices to the network. Hackers know those defaults, so don’t make the business an easy target.
Instruct end customers to maintain an accurate inventory of the surveillance devices on the network so that they can keep their software and firmware up to date. If their surveillance devices come with services and/or protocols they are not using, show your customer how to either turn them off or delete them. Your customer might forget about them, but hackers know they are there and how to exploit them.
The expectation is for manufacturers to build defense mechanisms into their products to keep end users’ data safe and secure. But as the threat landscape continues to evolve it is imperative that vendors do everything they can to keep pace. Make sure you partner with vendors that demonstrate a strong commitment to cybersecurity. Choose manufacturers and developers who:
• Attend professional cybersecurity forums to stay abreast of vulnerabilities that might compromise any device or connection in the security ecosystem.
• Help integrators and customers craft a reaction plan in case of a breach to minimize exposure.
• Quickly apprise integrators and end users of cybersecurity issues as soon as they are discovered.
• Automatically upload patches via firmware updates to surveillance system devices, similar to how customers receive cellphone updates.
• Provide management tools to assist integrators and end users with ongoing maintenance and version control of device firmware and cybersecurity features.
Anyone purchasing a video surveillance system today expects to have remote access to that video — be it a gym, a boutique retailer or any other small business. They should also expect the video system to work without vulnerabilities that can be exploited by hackers. Integrators need to partner with manufacturers that have a proven track record for providing an easy way to secure remote access and mitigate the risks of cyber threats.
With cyber attacks continuing to escalate in frequency and sophistication, end users, integrators and manufacturers all need to be on the same page to ensure all the right defense mechanisms are in place.