A Second-Generation of Cloud-Based Video Surveillance Services

What are the main drawbacks experienced by users of the First Generation of Cloud-based Video Surveillance?

The most concerning drawback is cybersecurity and the potential for compromised video. We’ve all seen the headline stories about security breaches from companies like Verkada to SolarWinds. Such breaches bring to light how important cybersecurity is when you’re connecting your system to the Cloud, or any external network. The other concern is storage immunity against ransomware.

The second, and extremely common issue with cloud-based video surveillance, is the quality of video. The fact that what you stored in the cloud may not be the same as what you recorded. The video quality of recording may have been degraded due to current transmission technologies used. These degradations include gaps in video, pixilation, or unclear images, just to name a few. When you invest in video surveillance, it is imperative that you have it available when needed. What good does your video do when it’s degraded or missing when an incident arises? The financial liabilities may be enormous.

What are the consequences of these disadvantages?

If a breach were to occur, hackers may display your private video on the global web or lock your video files unless a ransom is paid. Aside from bad PR and lost faith from your customer base, these breaches to security are often detrimental to companies that experience them and will cost an enormous amount of financial liabilities. From hospitals to financial to education institutions, these breaches bring enormous financial liabilities and the potential of losing industrial compliances like HIPPA, GDPR, CJIS, and FERPA.

The degradation of video quality may not allow a business’ recorded video to qualify as evidence in a court of law, also known as forensic grade. The recording gap may not allow you to show the clips that you need the most to defend your company. This, in turn, destroys the original purpose of your video surveillance when it’s needed most. Video is a lot like insurance, where you don’t think of it until an emergency occurs and it’s needed.

What is needed to overcome cybersecurity issues of the cloud?

Before I start to address this issue, I would like to clear the misconception of many people. Whenever the word “cloud” is mentioned, many automatically think of AWS (Amazon Web Services). There are many cloud services besides AWS, each provides different levels of cybersecurity protections.  They include Zero-Knowledge encryptions, data center redundancy, and storage immutability. To defend against cyberattacks, we need to employ all these capabilities in hardening systems against breaches and ransomware.

To provide cloud cybersecurity, we need to start from the user of the services.  Before video recordings are uploaded, they must be encrypted to prevent the contents from being disclosed if it is breached. To provide this capability, we need to employ Zero-Knowledge encryption, where only the end-user knows what the encryption key is. To protect against ransomware, the cloud storage systems must have adequate “redundancy and immutability,” these features are already available from some cloud storage providers like AWS and Wasabi, where multiple copies of the video record are created and locked against unauthorized modifications. This also provides disaster recovery protections.

What causes the degradation of video quality?

Degradation of video is caused by the use of the commonly available Internet to upload video files into the Cloud. This is a core issue because TCP/IP was originally designed for small blocks of data transfer. Data and video are extremely different in nature. Video files are very large. Using TCP/IP as the protocol to upload/download video files will cause throughput issues or failed communications during high-traffic periods. This can create video gaps from lost frames, as well as pixilated and unclear images.

Some VSaaS companies use the RTSP protocol for uploading video rather than TCP/IP. Since RTSP is a connectionless protocol, this alternative can also lead to problematic frame loss.

Can the problems of video quality degradation be resolved?

Absolutely. A new TCP/IP-based protocol can be developed to accommodate video files over the Internet. This new protocol needs to be 100% compatible with all current Internet, while also offering high throughputs for large video files. Luckily, a protocol fitting these parameters has already been created. Rasilient’s NFDLink enables the use of commonly available broadband or wireless services to send video recordings over the Internet with no degradation over a network with bi-directional packet loss of up to 10% each way. Intelligent end-to-end video caching, multi-thread communications and optimized transmission block size are used to penetrate all TCP/IP networks. NFDLink has demonstrated transfer throughput from the east coast to the west coast of the United States at rates of 500 Mbps using the Internet without dropping a single frame over a two-week period.

In addition to transmission protocol, there needs to be an importance on education and installation. Quality, as well as cybersecurity, is only as good as a system’s “weakest link.” Many times, that weakest link is the network and/or protocol it’s relying on, but not always. From manufacturer to end-user there needs to be diligence on understanding the systems we are creating and using; very rarely does an “easy, out-of-the-box solution” translate to secure, healthy, and unproblematic. Configuration and a holistic approach are needed to fit an individual system’s requirements and current operations.

What other improvements will further improve this Second-Generation of Video Cloud Services?

All of the current services are VMS-centric, meaning each service will support only one brand of VMS or a small handful at most. This causes a lot of problems with institutions like higher education and government offices where various departments often use different VMS for their video surveillance. It also limits the system integrators to focus on serving only customers which utilize a single VMS.  This second-generation service should be VMS agnostic, enabling it to support any VMS simultaneously.  By doing so, it will enlarge the addressable market of each system integrator and allow institutions with multiple VMS to work with the same service provider.