Four Key Cybersecurity Principles in Video Surveillance
By Dilen Thakrar, Product Manager, Oncam
The truth is, any device on a network poses a potential threat. Ten years ago, there was a widespread belief that enterprises could isolate their network, and in doing so, prevent cyberattacks, hacks and unauthorized access. However, nowadays, that’s becoming increasingly difficult. The ever-evolving nature of technology and the rapid growth of third-party integrations over the same network has resulted in interconnectivity that’s inevitable.
As a surveillance camera manufacturer, we have the responsibility to provide the necessary tools to minimize the number of potential areas that could be exploited in an attack on an end user. Today, businesses are operating in a vastly networked Internet of Things (IoT) environment, and as the need to deploy advanced security cameras on complex networks continues to grow, we have to take a holistic approach to protecting against security threats that are gradually becoming more sophisticated, severe and profuse.
The defense against these threats will include the right mix of technology, processes, and people. But, these protection measures should start by addressing four key cybersecurity principles:
1. Secure Communication
It’s hard to believe how many systems operate through connections that are not encrypted. One of the most mission-critical cybersecurity measures an organization can take for video surveillance systems is ensuring that communications between the server and the cameras are secure. By using HTTPS or other forms of encryption to protect data in transit, users can stop sniffing and make it much more difficult for cyber criminals to detect the types of devices within a network.
2. Common Sense Password Management
Every year, hackers get better at exploiting opportunities to retrieve suggestive information or guess passwords altogether. Many believe that simply creating complex or randomized passwords can prevent this from happening, but what’s most crucial is privacy and uniqueness. Keeping the knowledge of a password limited to essential operators is quite effective at mitigating stolen information. Equally important, and often overlooked, is ensuring that network-based cameras are configured with passwords that are different from the default manufacturer settings and other commonly used credentials.
3. IP Filtering
Although not a foolproof solution, IP filtering is easily one of the most effective ways to protect devices on a network. It’s really easy to do, and it sets up an interconnected security system that either blocks unwanted Internet traffic by their IP addresses or only allows a pre-selected list of IP addresses to connect. This builds a very effective wall between the video data and a potential cybercriminal.
4. Monitoring and Vulnerability Tests
The end user has the right to expect that a manufacturer has committed to and continues to perform due diligence when it comes to monitoring and evaluating potential cyber risks. Camera firmware must be checked for vulnerabilities, and if any are detected both before and after a video system’s deployment, patching should be swiftly executed.
Following the Fundamentals to Secure Video Data
It’s crucial to develop high levels of protection against potential attacks and provide robust and efficient support to manage cybersecurity threats and monitor risks. Still, our team believes in the basic principles of securing an end-user’s video data. There’s a theme throughout many professional cybersecurity channels that, the more security acronyms that are put on a data sheet, the safer the devices will be; this cannot be the only approach. Deploying targeted security features is only successful when you adopt the fundamental measures to protect cameras on a network.