The fast pace of innovation in the video surveillance industry has many security integrators struggling to stay up to date on the latest trends and technologies. New emphasis on being cyber-secure has become an important criterion for video surveillance system specification; expansion into cloud-based and hosted services is changing the way integration businesses go to market; and ongoing standardization efforts and technology innovations are among the biggest challenges integrators face in the industry.
In an effort to help integrators keep pace with these trends, Hanwha Techwin America has sponsored this exclusive Security Business Roundtable discussion with:
- Peter Kaczenski, President of Macro Digital Technology Corp., of New York;
- Michael Troiani, Manager of Project Engineering and Service for SAS Technologies, New York; and
- Ray Cooke, Vice President of Products, Solutions and Integrations for Hanwha Techwin America.
What are the best strategies for integrators to use when pitching customers on a migration to cloud/hosted video surveillance options? What are the best features to highlight?
Troiani: Managed and hosted video certainly has its place for a certain customer base, but not all clients we speak to are completely sold. Yet, there are numerous advantages to hosted video that should be highlighted – such as cost, staffing, accessibility and contingency plans:
- Costs – With lower capital costs from the outset, cloud-hosted platforms can work directly with the established IT/network infrastructure – tying itself to a business’ network instead of requiring a completely separate system to host it.
- Staffing – Some clients do not wish to maintain or manage their own NVRs or DVRs because they do not have enough staffing onsite to manage it.
- Accessibility/contingency – Many companies have BCPs (Business Contingency Plans) that require equipment off site in case of an emergency. Having a video surveillance solution at a centralized location while still being fully accessible 24/7 eliminates the chance of having important video being lost or unrecoverable if equipment is located on-premises.
Kaczenski: The move to cloud can be a scary thought for some end-users, because so many people do not understand that “cloud” simply means “someone else’s server.” Once they understand that they are already using “cloud” for many aspects of their business – whether it is gmail, Salesforce or Dropbox – it takes away some of the fear. When it comes to technology, we like to highlight the improved security, scalability, and maintenance aspects of cloud-based solutions.
Cooke: Hosted video and cloud services have been an option for many years; however, there have been a few hurdles that have persisted. Here are some features to highlight: First, enhanced compression technologies, such as the industry standard H.265 and Intelligent CODECs – such as our WiseStream II compression technology – can greatly decrease the data being transferred and stored. While a few cameras at a single branch or store may not be a big deal for storage, bandwidth is another story. When you have hundreds of locations, it can be meaningful storage reduction in the cloud.
Next is the ability to have an app or agent residing on the camera, making the connection to the cloud more intelligent. This allows the cloud-based camera to record on motion or analytics detection, as well as easy configuration without the need for port forwarding for each camera.
Finally, using cameras capable of recording locally to an SD card and trickling to the cloud mitigates the loss of video in case of a network outage or hiccup.
How is the industry doing at allaying cybersecurity fears for network-connected products such as IP cameras? What else should be happening?
Cooke: The first step is getting all parties involved to take cybersecurity requirements into account from the start – not as an afterthought. Some manufacturers are recognizing the importance of cybersecurity, and removing “features” of embedded devices that are not needed for an IP video device, such as SSL or Telnet access. Manufacturers are releasing hardening guides detailing what features are turned on by default and what should be enabled or disabled – such as SNMP and UPnP – and how this will affect the cybersecurity of the device.
We see project teams designing with an approach of Defense in Depth, with multiple layers of security. We don’t want to rely on one protective mechanism such as a firewall or password but have vulnerabilities just inside.
Speaking of passwords, recent legislation has forced the industry to finally remove default passwords. Hanwha has taken this further by requiring complex passwords and restricting the use of sequential or repeated characters, which are easy to guess.
Taking this to the next level, we should be using secure communications (SSL/TLS) to encrypt data from camera to VMS, and VMS to client, as well as data at rest. Cameras and NVRs should be using secure boot, trusted platform modules, and encrypted firmware to ensure they are not compromised.
Finally, there should be better transparency regarding OEMs. There are still many white-label products out there with no mention of if or when cybersecurity firmware updates will happen, and whether such updates from unknown third-party suppliers can be trusted.
Kaczenski: The industry as a whole needs to do more. We, as the experts, need to be cognizant of the fact that cybersecurity is our responsibility and we need to choose manufacturer partners that take cybersecurity seriously. We need to follow best practices in our installations, and we need to educate our clients on what steps they can take to improve their security. Products are important, but we can’t overlook the human element.
Troiani: Cyber-attacks are unfortunately increasing, and remote access to security cameras and security systems are also in greater demand. Having the security system (access control or video surveillance) on a separate VLAN, and behind a firewall is essential.
We have a client that does vulnerability scans all the time on their networks and they require us to change passwords and update firmware on a regular basis. In regards to what should be happening all cameras and system manufacturers should be offering some kind of encrypted SSL or it should be mandatory that the connection be encrypted, both when it is stored on disk or when it is in transit.
What are some of the most effective use-case examples when integrators pitch the advantages of a unified video management platform to enterprise customers?
Kaczenski: Enterprise customers have enterprise problems, and they need an enterprise-level solution. In our view, that means all of the systems – video, access and visitor – need to be working in conjunction to compile and share information in a manner that makes it easier for a client/operator to respond quickly and effectively in the case of an event.
What happens far too often – even with customers that you would expect to have an “enterprise” solution – is that each system is acting in its own silo. In these cases, when an event takes place, operators are forced to bounce between multiple systems to get the information they need. This takes more time and effort, and it reduces the effectiveness of a response. Well designed and properly integrated solutions make it far easier for operators to identify threats and respond effectively.
Cooke: Large enterprise customers – such as hospitals, corporate facilities, large retail stores, and other use cases where there are hundreds or more cameras with multiple sites – are good examples. Couple this with the integration of other building controls and access control, multi-site access, and large user databases all point to a centralized, unified platform that enables the user to work more effectively, without having to learn multiple systems at each site, or different systems across different sites. Furthermore, users can work across the organization accessing the video and other data across the enterprise, breaking down the silo of location or group or function.
Troiani: The key is providing the customer with the most efficient decision making that fits their needs, including how quickly a response is needed from the authorities. They need one single interface that is easy to understand and use. Most importantly, it will be easier for teams to work together. This means more productivity and less time wasted trying to communicate across gaps in understanding multiple systems and interfaces and trying to piece the information together.
How has standardization affected the way vendors sell video surveillance, and how has it made it easier from the systems integration/installation side?
Cooke: Standards have significantly reduced “integration risk” in our industry. It used to be that integrators were often locked into a specific manufacturer’s software and hardware, or limited to a select few partners that integrated a camera’s API. Now that ONVIF has matured, we can rely on cameras, VMS, NVRs and other applications to work together. The latest ONVIF standards allow advanced features such as H.265, motion detection, audio and metadata to interop, removing the final barriers to video integration. This allows an integrator to choose the best VMS for their user, providing easy-to-use interfaces and advanced features, with the cameras of their choice. As systems grow and new cameras are introduced, they no longer need to perform a rip-and-replace.
Kaczenski: Standardization efforts such as ONVIF have certainly helped to improve the likelihood that IP cameras and VMS can function together; however, as an integrator, we only use ONVIF when a direct driver is not available. This could happen when we are doing a system takeover for example. When we design solutions, we ensure that the manufacturers of all the products we install confirm direct driver support.
H.265 and 4K were the hottest trends at ISC West a couple of years ago…what futuristic trends or technologies are dominating video surveillance conversations now?
Troiani: For me, the advancement of fault tolerance should be in the discussion. While not a trend, fault tolerance is a technology that seems to be overlooked in the video surveillance space; in fact, you rarely if ever see failover capability with a video surveillance solution. As video surveillance technology continues to become more valuable every day with greater enhancements in analytics and AI, the consequences of missing or lost video become greater – and with that, the cost of a system being down or offline will rise and the motive to secure greater failover capability should become more compelling.
Kaczenski: Both analytics and the cloud have been talked about for a while now, but it seems that both are coming of age. Vendors have not only made analytics and the cloud more functional, but they are also easier to deploy and less expensive than ever.
Cooke: H.265 and 4K were new and hot a few years ago; however, they have taken time to be adopted into the industry. Hanwha incorporated H.265 earlier than almost all manufacturers in our lineup, and we see other manufacturers using this valuable technology. 4K is building momentum as well.
The latest trends now include Artificial Intelligence to enhance video analytics. This allows analytics to be used on more cameras in more situations by delivering more reliable detections and alerts. AI advances will also enable ease of searching video for specific characteristics, such as vehicle or clothing color, aggressive behaviors, or even a slip and fall.
We are also seeing a push to turn a camera into an even more intelligent IoT sensor by loading third-party apps directly into the camera at the edge. Additional analytics and services can be offered beyond those the camera manufacturer designed. This allows for more flexibility and customization by the integrator.
To learn more about Hanwha Techwin America’s products and solutions, please visit www.securityinfowatch.com/10215711.