March 23, 2016

Don’t Let Your Surveillance System Be The Bad Guy

Security camera systems are found in most businesses these days. Most of these camera systems are connected to the Internet driven in great part by customer demand for remote video access. The systems range from cloud-managed surveillance systems to traditional standalone DVRs and NVRs that are all connected to the internet by way of the local business network which in turn is connected to the internet.

With cyber-aIT Systemsttacks becoming more commonplace, physical security installers and internal support staff must to keep up-to-date on cyber security points of entry which can impact these camera systems as well as compromise the business data. Many security installers fail to recognize or have the skills necessary to protect camera systems from cyber security vulnerabilities that most IT systems enjoy  today.

If you have a security camera system on your business network you very well have a back door for cyber criminals.

Many camera systems have very little IT security safeguards enabled or have no security safeguards period! Many cameras have a web-based tool and come with a default usernames and passwords which is published on the internet for all to see and use. Many installers don’t change the password at all and leave the same default password for all cameras. Many end users make the same mistake as these installers.

This security vulnerability is an easy way for someone to hack into the camera via the web page and to guess these passwords which often are 12345, admin, “blank” or no password at all!

The best practice is for the installer to change these passwords as soon as the box is opened prior to the camera being deployed on the business’ network.

To make the device even more secure is the create a Virtual Local Area Network or VLAN so the video data is completely isolated from the data network. Again, another fatal error that most security installers neglect to perform!

It is best to create a professional network and configure a modern firewall to isolate the video traffic from ever accessing the data network. It is also crucial to have clear documentation on the firewall configuration, and regularly monitor and implement any necessary changes to the firewall configuration.

When considering a security camera system to be installed by the installer you should ask from very specific questions before even signing on the dotted line:

  • Will you be changing ALL default passwords on cameras and recording devices?
  • Will you provide all passwords in documentation for later reference?
  • Will you be isolating video traffic from the corporate data network?
  • What is the breadth of your IT expertise?
  • What is the operating system for the camera and recorder? Linux, IOS, Windows, other?
  • Does the NVR use IIS and is it locked down?
  • Does remote access use encryption for usernames and passwords?
  • Will the system be in a secured physical location?
  • Do you hold a state license to install and service security systems?

These are just a few of the questions you should be asking the installer. There are many more to mention here in this post and if you have any doubts on the IT experience of the installer then you need to question yourself if the company you are choosing is the proper choice.

Data breaches continue to escalate worldwide. With increasing Internet connectivity, physical security systems are extremely vulnerable to cyber-attacks which creates an entrance to the rest of your data network.