Home » Magazine Archives » July 2005
Security Technology Executive
Most Read
Most Emailed
E-mail Article
Print Article
Dispelling the Top 10 Myths of IP Surveillance: Myth No. 5
Myth #5: IP Transmission Is Insecure for VideoThe Latest from SIW
Mace to launch dealer program, acquire central station Basics of establishing an employee ID badging system The security week that was: 1/02/09 The top 40 security stories of 2008 Homemade bombs force evacuations in Aspen, Colo. Toronto wraps up municipal surveillance pilot project
By Fredrik Nilsson
Security Technology and Design
Note: Over the last several months, SecurityInfoWatch and ST&D have published a series of mythbusters about IP video. Check out ST&D's March issue and Securityinfowatch.com for myths one through four.
One of the most pervasive misconceptions about using Internet protocol to transmit video for security and surveillance applications is that the transmission is insecure for video. Much of this fear arises from the notion that the Internet is a portal to any and all information. Additionally, there have been several major news stories about intruders accessing network cameras after finding them through Google searches.
The IP-based networks used for video are the same as the networks used by corporations, banks, governments and hospitals for transferring data, e-mail and voice over IP. These networks are safe conduits for sensitive information if the correct security measures, such as firewalls, virtual private networks and password protection, are implemented. The same security precautions need to be taken when transferring video.
There are many examples of network video installations that monitor highly sensitive activities. Network video has been used for security during the Olympic Games, in downtown Washington, DC, and at major airports and government facilities. In all of these cases, those who installed and operated the systems took precautions to ensure that video would be kept secure.
Securing a Security System
There are three important ways to ensure secure transmissions via the Internet: authentication, authorization and privacy protection.
Authentication and Authorization. These first two methods go hand in hand. A device or user must identify itself to the network before gaining access, so it provides identity and access information to the network or system, like a username and password. The device or user is authenticated and authorized when the system compares the submitted information to a database of approved identities. Once the authorization is complete, the device is fully connected and operational in the system, or the user is free to use all authorized network features.
Password protecting network cameras and video servers is just as important as protecting your PC or servers. Passwords should be at least six characters long, combine numbers and letters, and mix lower and upper cases. Most network cameras support anonymous user access by default, which means that in the absence of a password, the video is made available to everyone with access to the network. If a video application needs to be highly secure, IP filtering should be used, meaning that the network camera will only send video if the request comes from a certain IP address, preventing unauthorized computers access even if they have the right username and password.
