Emerging Technologies

Emerging Technologies

Your 2016 radar should include IoT, cyber security and smart codecs

If you’re like most security professionals, your daily inbox is crammed with updates from industry associations, publications and online communities summarizing the hot topics of the day. If you want to predict what will be trending for 2016 just look back at the key issues that started bubbling up to the top in the latter half of 2015.

Those are the ones that are picking up steam and will become significant factors for security professionals in the coming year. Each one represents a major advancement in edge-based electronic devices that deliver additional layers of security on both the physical and logical sides of the spectrum.

PROTECTING THE INTERNET OF THINGS

The Internet of Things (IoT) has not faded into obscurity nor is it just a marketing claim to promote the sale of another device on your network. It has become so firmly established that it garnered official security requirements from the Department of Homeland Security (DHS), Science and Technology Division. DHS lists three prerequisites for managing any IoT device or program on their networks:

Detection: the ability to know what IoT devices and components are connected to a given network or system.

Authentication: the ability to verify the provenance of IoT components and prevent and detect spoofing.

Updating: IoT security programs must include the ability to securely maintain and upgrade these components.

The combination of these three capabilities decreases the risk of security breaches by identifying which devices are on your network, ensuring that those devices have the proper logical credentials to reside on the network and confirming that they can be upgraded to the latest software when new threats are introduced.

But what really makes security of IoT so challenging is its highly diverse and widely distributed nature. The permutations and combinations of devices and networks and the ways they can connect with IoT systems are virtually endless. Therefore, it’s imperative that security professionals work closely with their IT counterparts to examine each device on their network to assure its compliance with the DHS definition of secure.

Nowadays almost anything connected to a network falls into the broad definition of IoT. This contrasts sharply with past models of operation. In the past, different systems were siloes of technology, but today it is not uncommon to combine intrusion detection, access control, mass notification, video surveillance and other electronic security devices on a single network. In the best case, these devices share information with each other and drive new solutions that mitigate risk.

For instance, a camera embedded in a door station primarily used for entry management could detect a person loitering outside your facility’s main entrance. Before alerting security professionals, it could trigger an event that plays a prerecorded message to an outdoor speaker instructing the people to move on. If they don’t, then a security guard could be notified on a mobile device or even over their VoIP phone system and have a discussion with the people outside. In the worst case, each of these devices share information directly with a local PC server, which acts as an intermediary but accomplishes the same solution. The main difference between the two is the budget it takes to arrive at the same finish line.

HARDENING CYBER CONNECTIVITY

The security industry owes most of its innovation to the consumer electronics industry, and IoT is certainly no exception. Today, I could purchase a networked thermostat, doorbell, smoke detector, television, speaker, garage door opener and even door locks that I can control from anywhere I have a signal on my smartphone. Unfortunately, in many cases, so can hackers.

There are many instances where manufacturers sacrifice security in favor of ease of use. When that happens, it’s buyer beware. While this compromise may be acceptable in consumer markets, this lack of security at the network level is unacceptable for security practitioners tasked with the protection of people and assets.

But security doesn’t rest solely on the shoulders of the practitioner. The responsibility to secure a network, its devices and the services it supports also extends to the entire vendor supply chain as well as the end user organization. That’s why reputable manufacturers not only keep security at the forefront of product development, but also provide education on best practices for the use of their products. Each installation is different and not all need to be secured to the highest levels possible. It’s noteworthy that many products come with default settings designed for ease of installation, but unfortunately also help identify devices to potential hackers by broadcasting their connection status over the network. Protocols such as UPnP and Bonjour are examples of this and should be turned off.

Compared with their consumer counterparts, professional grade products will offer an advanced level of protection using authentication methods and encryption. Authentication should sound familiar. It is the second building block for the DHS IoT definition and is the heart of a secure installation. Many edgebased products accomplish this through IEEE 802.1x which provides port level security on network switches using certificates that are assigned to specific network devices. Without the valid certificate, the switch disables the port and the device cannot communicate across the network.

This approach also requires a Radius server to manage the certificates which can either be a standalone server or embedded in the switch. Authentication mitigates the risk of unauthorized network access if someone gains physical access to your network such as hijacking the network cable from an outdoor camera and plugging in a laptop.

Encryption is another advanced security measure that should be incorporated in edge-based devices particularly if your solution leverages public networks such as the Internet. There are many installations that require a decentralized recording of video that needs to be reviewed centrally when an event occurs. In many cases the infrastructure to deliver this solution would be cost-prohibitive without using public networks. For instance, the owner of several small franchise restaurants could record events at each property and view that live or recorded video remotely from the comfort of home. There are many instances of this happening today and very few leverage encryption when doing so.

Savvy security professionals need to understand that the landscape is rapidly changing with regards to their organization’s cyber security posture. It is no longer just the responsibility of the IT department. As more electronic security counter measures move to the network, security professionals need to vet a product on its potential cyber vulnerability as well as the device’s physical security value to the organization.

DEPLOYING SMARTER CODECS

Another edge device concern involves the resolution of network cameras. As resolution continues to push ever higher it directly increases the bandwidth and storage needed to view or record it. With the introduction of 4K this past year, as well as the proliferation of even higher resolution cameras, security professionals are inundated with the mantra of more is better.

The bottom line of higher resolution from a surveillance perspective is that wider angle lenses can be used while maintaining the appropriate pixels on target for detection, recognition and/or identification, the operational requirements of a given scene. That wider field of view provides increased situational awareness and in, some cases, enables fewer cameras to be installed. Unfortunately those benefits directly translate into higher costs for bandwidth and storage which have limited their use for some customers.

Advances in video compression continue to drive down the bit rate of video with the latest being H.265, which has gained limited acceptance in the security industry. Ratified in 2013, H.265 boasts an impressive 50 percent saving in bitrate over its H.264 predecessor. The limited adoption is not unique to the security industry as it has yet to supplant H.264 in the consumer market as well, despite the improvements.

The big challenge for adoption rests on legal issues, not technical ones. HEVC Advance represents a pool of 500 patent holders for H.265 and has developed a licensing and royalty model which many companies feel goes too far. The real issue relates to the royalties for content revenue generated using H.265, which was never an issue with H.264. This model has led companies like Google and Cisco to develop their own video compression techniques. As a result, the water is getting even muddier and H.265 will probably remain a niche solution in the security industry for at least the next year.

Fortunately, several manufacturers have developed enhancements to existing implementations of H.264. Since they are using H.264 as the codecs foundation, there is broad-based support in the VMS community, which will generate some head-to-head competition once H.265 cameras start hitting the market.

One such technique called Zipstream is a radically more efficient implementation of H.264 that can reduce bandwidth and storage requirements by an average of 50 percent or more when compared to existing H.264. Sounds familiar right? That is the same savings figure that H.265 is touting. Axis Communications is not the only company offering bandwidth savings by optimizing H.264, but this particular iteration has a unique approach that dynamically allocates regions of interest inside a camera scene. In more traditional solutions the user defines a static region of interest. The problem with that approach is two-fold: the bad guy is likely to move out of a static region of interest and if you try to compensate for that fact by making the region of interest too big, you miss out on the compression savings.

KEEP AN EYE ON YOUR INBOX

There are certainly more items on the security professional’s radar for 2016, such as cloud-based services, analytics, as well as a host of new advances in camera technology. In my opinion, however, IoT, cyber and smart compression techniques will be the ones having the greatest impact on our industry in the coming year.

This article originally appeared in the May 2016 issue of Security Today.

Featured

  • AI to Help Resolve Non-Emergency Calls Across Utah and Decrease 911 Caller Wait Times

    The Utah Communications Authority (UCA), which oversees the state’s next generation 911 technology services, recently announced that public safety answering points (PSAPs) throughout the state plan to implement Motorola Solutions’ Virtual Response technology to automate the receipt and resolution of 10-digit non-emergency line calls in Utah with the help of AI. Read Now

  • Report: 2025 Video Surveillance Market Set to Grow After Small Decline in 2024

    Novaira Insights has unveiled its latest report, “World Market for Video Surveillance Hardware and Software – 2025 Edition.” The research indicates that the global market for video surveillance hardware and software experienced a slight decline of 0.3% in 2024. This performance fell short of previous forecasts, primarily due to a significant decrease of 7.8% in the Chinese market. Conversely, the rest of the world saw a growth of 4.9%. The global market for video surveillance equipment was estimated to be worth $25.0 billion in 2024. Read Now

  • Report Reveals Local Governments Face Surge in Ransomware Attacks with Minimal Resources

    KnowBe4, the cybersecurity platform that comprehensively addresses human risk management, recently released new research highlighting the critical cybersecurity challenges facing state, local, tribal, and territorial (SLTT) governments. The report details how government organizations have become prime targets for cybercriminals while simultaneously facing severe resource constraints. Read Now

  • Video Surveillance Trends to Watch

    With more organizations adding newer capabilities to their surveillance systems, it’s always important to remember the “basics” of system configuration and deployment, as well as the topline benefits of continually emerging technologies like AI and the cloud. Read Now

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

New Products

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities