We know that technology is constantly changing, and it is no different when it comes to surveillance technology. Surveillance solutions are evolving and converging; they are no longer just tools for surveillance; they can contribute to entrepreneurial innovation, process optimization, improved security, and overall business performance. At the crux of this rich ecosystem are the millions of IP-based connected devices and sensors leading to positive business changes. Yet, with technological advances come bad actors who are getting better at ‘cracking the code.’
However profitable a legitimate business may be, it could become more vulnerable as it becomes more connected. We hear some unfortunate cases where hackers have breached thousands of cameras and gained access to internal business and critical infrastructure operations. There is overwhelming evidence that these bad actors revolutionize their game, using artificial intelligence, machine learning and deep learning to improve the complexity of their attacks.
If you have an Internet Protocol (IP) endpoint, such as an IP surveillance camera, speaker/audio system, radar or access control unit, and you’re running on an unsecured network, guess what? You are vulnerable to cyberattacks.
Businesses should prioritize cybersecurity for IP-based systems, such as surveillance cameras or radar or access control systems, running on an unsecured network as a constant concern, within their own organizations and throughout the supply chains. Any implemented or unimplemented protective measures can affect everything else in a network.
Cyber protection: a collaborative mitigation effort
Often, company’s select video surveillance cameras and management systems for a particular purpose, as are the vendor’s options to meet that purpose. As well, whether the camera manufacturer can support the same security protocols as the VMS manufacturer and if these protocols integrate well in current cyber risk mitigation IT methods to guard against escalated risks shouldn’t be an afterthought.
Another question of accountability arises when entire surveillance operations run on IT infrastructure: Does IT control the physical security network-attached systems and devices? Or is it the responsibility of the team to direct IT to support cybersecurity integrated within the physical security solution? Ideally, it is a team effort: physical security management must work with integrators and organizations to develop inherently IT-supportive solutions.
Effective life cycle management
It is important that all of your physical assets effectively manage threats, as each device is a potential infringement point. An often ill-conceived method for this is life cycle management. A device’s lifetime is the first, i.e., how long will a surveillance solution function optimally; the second is the economic life cycle of the technology, i.e. how long before the devices cost more to maintain than to purchase new, more efficient technologies.
Keeping systems running with ongoing maintenance
Once you have considered lifecycle management and know where the risks lie and how to exploit them, you know that all software-based technologies, such as IP cameras, will need to be patched at some point. That’s why responsible vendors regularly release firmware updates and security patches. Once the lifecycle management program’s installed, you can also avoid spending more on replacing an important system component that aligns with your schedule and annual budget.
Device management software solutions
Many organizations and critical infrastructure have hundreds of network surveillance devices, so automating lifecycle management through device management software solutions can save time and money. Automated lifecycle management provides a real-time inventory of all your network surveillance devices and simplifies the implementation of stringent policies and practices across all of your devices. It also helps securely manage vital installation, deployment, configuration, security and maintenance tasks. A real-world example of this is when you receive notification of expiring security certificates, the device management software will implement new certificates for all appropriate devices.
With firmware upgrades, the software will verify that the devices are using the latest, more secure version. Wherever there is a vulnerability, the device management software shows you exactly where you sit at the forefront of cybersecurity and what steps to take to protect your technology.
Built-in protection
Cyber protection requires the implementation and ongoing maintenance of strong policies and current technologies for cybersecurity. These range from the simplest approach, such as ensuring your devices don’t run on default settings, to more complex strategies, such as full encryption of traffic between edge devices and the rest of the network. Having tools to implement cybersecurity policies helps ensure fast and easy policy implementation. Patching firmware, changing passwords, and pushing out HTTPS certificates takes time and manual configuration. New tools have enabled us to implement these important changes quickly and easily with less human effort while minimizing potential downtime; this starts by regularly and proactively monitoring your cybersecurity products.
Gavin Daly is the architect and engineering manager at Axis Communications. He provides technical expertise and personalized advice for both internal and external clients.