Cyber attacks have become a way of life with multiple network and web portal breaches affecting organizations and individuals on an all too frequent basis. For example, 96 percent of IT security professionals are expecting attacks on Industrial Internet of Things (IIOT) segments for critical infrastructure such as energy, healthcare and finance according to a recent study by IT security company, Tripwire. Any network-connected software or device in the security system could potentially serve as an open door for an attacker to access networks and sensitive information. Imagine the potential threat to one of these facilities by hacking into its IP video surveillance or IP access control systems to reroute or alter data, turn off alarms and open doors.
It’s impossible to totally prevent cyber attacks, as they can originate from hacking insiders, third parties or partners with valid credentials to access these systems. However, by ensuring these systems are hardened, it is possible to protect them and reduce vulnerability from attacks. Hardening the system basically means ensuring product and network configurations are set appropriately; keeping firmware, software, and applications up to date; and designing systems with encrypted devices.
Advanced Video Management Software (VMS), the backbone of a video surveillance and security system, offers these hardened measures and additional layers of security to help prevent cyber attacks, while also assuring the integrity of physical security and surveillance systems.
Configuring Devices and Networks
Poorly configured devices can provide a hacker with the opportunity to gain entry into the network and the IP cameras. The cameras come out of the box with a factory-set default username and password, and neglecting to change these can leave devices exposed to attackers who are well aware of the tendency to leave settings unchanged. Other security settings are often also set to a less secure state by default to make “plug-and-play” installation easier. This includes security levels for virus scans or firewalls, which may be set at a lower level so as not to affect the ease of set-up and access.
Advanced VMS solutions provide features that help protect the integrity of your video data and network with built-in AES encryption between your client and recorder, a scrambled recorded video database, and the ability to record directly to a NAS anywhere on the network. As an added security measure, networked devices should not have Internet access or be connected to any other external network if possible. In addition, network segmentation will minimize access levels and make it more difficult for hackers to locate and gain access to sensitive information. Proper network segmentation also helps to contain network problems, improve performance and reduce congestion.
Maintaining and Updating the System
Software vulnerabilities are a favorite target of hackers and other cyber criminals in their attempts to breach networks and access sensitive data. Software providers are well aware of this risk and are equally relentless in their efforts to close these “open doors” with security patches delivered in regular updates. End users often don’t know how to update their devices, don’t think to do it, or simply lack the time to update their firmware. By removing the need for human action or intervention in the software updating process, new VMS software with auto-update features helps ensure that users’ systems are always current. As an added bonus, some VMS solutions offer auto-updates in conjunction with other features designed to expedite system update installation, deliver more efficient recording, and help protect systems from cyber attacks. This is a critical feature benefit to look for when evaluating VMS solutions.
Advanced VMS solutions may offer the greatest potential to decrease system vulnerabilities. Often serving as the hub for multiple security applications, open-architecture VMS solutions are capable of collecting, sorting and analyzing the growing amount of data generated by access control, video surveillance and other integrated security and related systems. Analysis generates intelligence that can help make people, property, and assets safer and more secure.
Safe and Secure Devices
The first line of defense in helping to prevent these hacks is to deploy IP devices and system components featuring end-to-end encryption. Encryption technology secures communication between servers and Clients and supports Hypertext Transfer Protocol Secure (HTTPS), which is the foundation for data communication over the Internet. Essentially, encryption algorithms scramble data into unreadable code for transmission and then unscramble the data when reconnected at the receiving end when the designated permissions are provided.
Data encryption of networked systems and devices is the best way to reduce risks associated with misplaced, lost or stolen data. An IP video surveillance system, for example, has numerous points along its network infrastructure where various devices and related systems are being integrated. These include IP cameras and peripherals such as heaters and infrared lighting, modems, routers, switches which are often deployed remotely, all the way to the head-end where a VMS manages these and other devices on a single platform.
By incorporating end-to-end encryption into their IP products, manufacturers can save customers substantial time and money, as well as the cost and inconvenience of adding third party encryption software to their systems. This secure technology allows security professionals to manage a broad range of equipment locally and remotely with centralized capabilities that are efficient and cost effective.
Establish Tiered Access Privileges
Technology solutions are not the only way to harden a video surveillance and security system. Physical access to the security system also needs to be controlled so that only authorized users have access to the servers and equipment rooms where core components are installed. Cyber attacks and system tampering from inside the organization from rogue employees, malicious contractors who have authorized credentials, former employees who still have access to business-critical systems, intruders and current employees who may implement unauthorized portals to the network can all be devastating.
VMS solutions are integral to the efficiency and effectiveness of an organization’s video surveillance and security system operations. With the advent of new highly advanced VMS solutions, security professionals can implement further measures to protect their systems and the people, property, and assets they’re intended to protect.
About the Author: Ken LaMarca is the Vice President, Sales and Marketing for OnSSI.
