Why Video Surveillance and Cybersecurity
Surveillance video is a valuable data asset, and like any other sensitive data, video can be used for many nefarious purposes. Criminals can observe stolen video to identify high-risk asset areas, follow VIP patterns or even use it to disrupt operations via camera sabotage. Tampering, vandalism and denial of video service are other potential threats.
With the frequency of cyber attacks making headline news, no wonder cybersecurity is top of mind. Cybersecurity threats to businesses are at an all-time high, escalating in frequency and level of sophistication.
In this article we will examine:
- How to spot the symptoms of poor cyber health
- Tactics for protecting your data and network
- Reasons your video surveillance system would be valuable to a cyber criminal
- Building an internal company culture concerned about cybersecurity
- Resources to help make improvements or maintain the current system
Cybersecurity is an ongoing cycle of identifying vulnerabilities, assessing threats, and implementing appropriate measures. The need to strongly secure your network becomes more evident every day. To ensure a strong defense, consider the hardening of not only the network, but all the devices attached to it.
Spotting the symptoms of poor network health
If you have a strong, hardened network paired with policies, processes, and people all proactively monitoring and responding to cyber threats – and aligned with your organization’s stated cybersecurity goals – then you are in great shape! For the rest of us - read on.
- Your IT and security teams are not aligned:
It is important to get IT and Security teams to have aligned policies and processes with clear password management, ownership and responsibility to review security measures, have advance encryption methods applied to video streams and have hardware and software aligned with IT policies.
- Your network users are not following policies and procedures:
Have you policies and procedures in place that are documented and easy to understand? Are new and existing employees properly trained?
- Your installation and maintenance plans are not clearly documented:
Physical installation and maintenance can cause problems if your installer does not understand cybersecurity. Security, IT, facilities and maintenance departments need to be aligned on a documented installation and maintenance plan.
- Your technology vendors aren’t talking to you about cybersecurity:
Does the equipment you choose fit into your IT policy or are you trying to work your policy around your vendors? Are they talking about cybersecurity and best practices guides, performing tests and evaluating their product risks.
10 best practices for a healthy network
Along with your IT, security and facilities management teams, you can work to mitigate many of the common risks associated network’s cybersecurity.
- Use strong, unique passwords:
Set strong, unique passwords with a minimum of eight characters. Don't rely on the default settings of IP based devices. Ensure good password management, change passwords on a regular basis or use certificates in lieu of passwords.
- Deploy and install devices in the recommended way:
Where possible, cameras should be installed where they’re out of reach to a potential attacker. Unused services should be disabled and only trusted applications should be installed.
- Define clear roles and ownership:
Have clear rules and procedures established for which employees have particular access rights. Assign responsibility for reviewing security measures to ensure best practices. To reduce exposure, any device that accesses video should not be allowed to access cameras directly, unless it is required by the solution. Clients should only access video through a Video Management System (VMS) or a media proxy.
- Use the latest applicable firmware:
Bugs or flaws in operating systems found on workstations, servers, cameras, printers, and other network devices can put your organization at risk. Install patches and security updates and have a well-documented maintenance plan.
- Perform a risk analysis:
A cyber threat analysis will define how much you can lose and how much you should spend on protection. Make an analysis of potential threats as well as the possible damage and costs if the system is attacked. Include both internal and external threats.
- Gain knowledge on system protection and possible threats:
Take a closer look at the exact systems that run on your network. Work with your entire supply chain of vendors to understand any possible threats to your network in using your selected devices.
- Change your devices’ factory default settings:
Do not rely on any device’s default settings. Change the passwords and the default administrative account IDs. Enable and configure the device protection services and always disable any services you will not be using.
- Use encrypted connections:
Encrypted connections should be used on all networks, even local or ‘internal’ ones.
- Secure the network:
Understand your firewalls and filters. Taking the time to secure your network from the backbone helps to support all your other efforts to implement cybersecurity best practices.
- Maintain your systems and processes:
Monitor all devices on a regular basis and enable system notification when applicable and supported. You should also check access logs regularly to detect any attempts for unauthorized access.Once the plan is executed, it will need to be reviewed and assessed regularly. When it comes to the fast-paced world of technology, new updates, features and best practices are created all the time. Be sure to document your maintenance procedures to ensure existing and future colleagues understand your processes.
To download the Axis E-book about Cybersecurity click here.
To take the Online Cybersecurity Course click here.
For more information on any of our products phone us now.