Meeting Modern Video Surveillance Cybersecurity Challenges

SPONSORED

Meeting Modern Video Surveillance Cybersecurity Challenges

How one manufacturer’s comprehensive, multi-pronged approach to security helps prevent successful cyberattacks and simplify operations

In the past, security considerations for video surveillance were far simpler and easier to address. Typically, video surveillance systems were separate from the Local Area Networks (LAN) and the Internet, using direct connections via coaxial cable to send data directly to a recorder. Cybersecurity requirements were low due to this isolation, and primary concerns were physical attacks, including destruction of the equipment (most often the cameras), unauthorized deleting or copying of recorded data, severed video cabling, or the obstruction of lenses and views.

Today, many video surveillance systems use IP-based equipment, which sends recorded video across ethernet cabling to local, remote, and cloud-based recorders, often using the same LAN infrastructure that is used by general office workers. Additionally, remote monitoring and control of these systems via network clients or mobile applications is common. Modern systems also support data communication with third-party systems for access control, intrusion detection, and video analytics. Each opens up new cyber vulnerabilities and challenges, complicating the security picture for users as never before.

In the modern environment, the threat of cyberattack against a video surveillance system has greatly increased, making cybersecurity a top area of concern for customers and operators. The same local security issues of past systems are also still present and must be addressed in the overall security posture, while the integrity, confidentiality, and accessibility of video surveillance data must be further protected during recording, retrieval, and while in-transit—whether across the local network or across a public network to a remote location. Users look to manufacturers and the leveraging of modern technology, best practices, and features to meet these modern challenges.

South Korean technology innovator IDIS has consistently and aggressively considered cybersecurity concerns in their R&D process, focusing on developing a rich and comprehensive set of technologies and features to ensure maximum protections for end users of their popular end-to-end line of hardware and software solutions, a total solution hardening process that begins with a key best practice: the IDIS Total Solution uses a dedicated IP camera subnet for video transmission, separate from a customer’s corporate network, making it very difficult to establish an unauthorized connection into the corporate network. IDIS educates installers and integration partners to design a physically separate network, or to partition an isolated VLAN on shared network equipment, which begins making a difference from the time of installation through a fundamental first step: keeping video surveillance data away from the end-users existing corporate network.

The IDIS total solution features a comprehensive, layered, and multi-pronged approach to ensuring maximum cybersecurity for users. This approach incorporates enhanced secure data access, data transmission, and recording.

SECURE DATA ACCESS

IDIS DirectIP™

Network security through a powerful mutual authentication system

IDIS DirectIP® is a proprietary mutual authentication system, supported by all IDIS IP products. When IDIS IP cameras are connected to an IDIS NVR, both devices mutually authenticate each other automatically through DirectIP. This ensures both sides identify and recognize who they are communicating with before the communication session is established. The authentication data is stored and protected on both the IP camera and the NVR.

Firewall on NVR

IDIS Firewall on NVR utilizing IP and port authentication system

IDIS NVR products have their own firewall installed that monitors and controls incoming and outgoing network traffic based on a predetermined set of security rules, including IP, MAC address, and port authentication. The firewalls on IDIS NVR products are designed and pre-configured to prevent unauthorized access.
Two-Factor Authentication
Multi-factor authentication system utilizing user accounts and a registered mobile app
Two-factor authentication (2FA) is a type of multi-factor authentication system. To gain access to an IDIS NVR, the user needs to certify themselves with the IDIS Mobile App after going through the usual login process by typing in a user ID and password. All IDIS NVRs safely protect user accounts with 2FA.

SECURE DATA TRANSMISSION

TLS (Transport Layer Security)

Data transmission security system combines IDIS’s proprietary technology with TLS

TLS (Transport Layer Security) is a cryptographic protocol designed to provide communications security and data integrity over networks. By integrating TLS into IDIS’s proprietary data security solutions, there is minimal performance impact on video surveillance data transmission. TLS helps prevent malicious activities such as sniffing, modification, and destruction of data as it is transmitted between devices across a network.

FEN Security (For Every Network Security)

Access and data transmission security system over a public network

FEN from IDIS is an access and data transmission security system independently developed by IDIS using point-to-point (P2P) technology. FEN is an automated network configuration service which simplifies installation of networked surveillance systems. FEN enables the user to setup and configure secure surveillance systems without needing a professional knowledge of the routers and NAT devices on the network.

SECURE DATA RECORDING

iBank

Protect data using IDIS’s proprietary database system

IDIS iBank is a database system, independently developed by IDIS, specifically for video recording. This system maximizes storage efficiency and enables fast data processing. In addition, storage devices that implement the iBank solution cannot be read by external devices such as PCs, keeping the data safe from forgery and alterations. The iBank system is used in all IDIS’s recording systems.

Chained Fingerprint

Preventing data forgery and maintaining data integrity

IDIS’s Chained Fingerprint technology extracts distinctive features of recorded video data to create fingerprints for each frame and then embeds each fingerprint into the data of the next frame, connecting each frame together with the next like a blockchain. Video data created with Chained Fingerprint technology can be submitted to courts as evidence since an alteration to any frame is easily and quickly detectable, making it simple to prove the footage is authentic and unchanged. It is a highly efficient technology for ensuring and proving the integrity of users’ recorded video data.

Edge Encryption Recording

Efficient and powerful technology for encrypted video data recording

Edge Encryption Recording technology encrypts the video data at the IP camera before storing and sending it over the network. Therefore, additional encryption and decryption processes on storage and data transmission systems are not necessary. The encrypted data is recorded directly to the SD cards and HDDs, so the stored data is safe from unauthorized access and alteration if the SD cards or HDDs are stolen.

To learn more about the IDIS Total Solution and comprehensive cybersecurity protections, visit idisglobal.com/index/cybersecurity .

Featured

Featured Cybersecurity

Webinars

New Products

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles. 3

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions. 3