Industry Vertical

Being Connected

Examining why closed-network systems are not immune to cyber threats and how cloud services add layers of security to minimize risk

Isolated corporate applications and infrastructures are becoming a thing of the past. That’s because trends such as bring-your-own devices (BYOD), internet of things (IoT) and cloud services are compelling businesses to become more connected. Now more than ever, IT departments are looking outside their environment at solutions that could lower costs and take the strain off their resources.

However, in the physical security industry, one common myth is still holding some decision-makers back: it’s the idea that keeping on-premises systems on closed networks is more secure. This article will not only help to debunk this false belief, but also show how companies can further enhance the security of their on-premises systems by connecting to the cloud services with built-in security mechanisms.

Why a Closed Network Doesn’t Protect Your Systems from Threats

The security of corporate data is critical to the integrity of operations. Yet, everywhere we turn, it seems like another company has become victim to some form of cyber threat, malware or ransomware attack. As more breaches occur and attract international press attention, fear grows, leading many to believe that opening up a network to external applications makes an organization more vulnerable to a cyberattack. This mentality is no longer accurate or true. In fact, many might be surprised to learn that a significant percentage of these breaches actually come from internal sources— whether unwitting or on purpose.

Last year, a data exfiltration study done by Intel revealed that “Internal actors were responsible for 43 percent of data loss, half of which was intentional, and half accidental.”1 Another report from Forrester called, “Understand the State of Data Security and Privacy,” found similar results.2 The study indicated that almost 40 percent of breaches came from inside a company, and that accidental and malicious intent was equal.

This data tells us that on-premises systems with closed networks are not entirely immune to threats. An employee can accidently open a phishing scam email and unleash a virus on a closed network. Or, a visitor could maliciously connect a USB stick to a computer with the intent to steal data or take down systems and halt operations.

Even when facing external threats, vulnerability often stems from systems that have not been updated with the latest fixes, or from passwords that have not been changed in months. For example, in the security industry specifically, many businesses unknowingly leave themselves vulnerable to hackers or prying eyes by not changing the default passwords on new video surveillance cameras.

While many believe that opening their network to cloud services might welcome greater risks, these studies and common mishaps suggest otherwise. Lack of employee education or defined cyber security policies, gaps in physical security and insufficient system maintenance contribute to the greatest number of threats.

How Connected Applications are Shaping Up to Be More Secure

Cloud is not all or nothing. Cloud services can be added to complement an on-premises system and its infrastructure. This can include using cloud applications to store long-term evidence, instead of on local servers or on external storage devices which can end up in the wrong hands. Cloud services can also play a critical role in disaster recovery.

In case servers are damaged by a fire or natural disaster, a full system back-up can be restored using cloud services so operations can continue without delay. Organizations can connect on-premises systems to cloud services to strengthen security and minimize internal and external threats. Here is how.

Automating Updates to Avoid Known Vulnerabilities

Many vulnerabilities that hackers prey on are quickly identified and fixed by vendors in software version updates. Even when an IT team sets scheduled updates in a closed environment, it might not happen fast enough to prevent a breach. The perk of deploying cloud services is that system updates are facilitated by the vendor. As soon as the latest versions and fixes are available, the client will have access to them. This helps to ensure that their systems are always protected against known vulnerabilities.

In connected environment, the vendor also knows what software versions are running at customer sites, and what fixes they might need. This helps the vendor personalize its services and make sure each client is getting the security updates and mechanisms that they need to bolster their environment.

Monitoring System Availability and Health

IT and security departments have many priorities. When they are busy, it’s not always possible to keep an eye out for potential system failures. However, knowing when a camera goes offline or when there is a server failure can help organizations avoid potential threats. Cloud services can automate this task by immediately sending email or text alerts to directors and managers if a system vulnerability is identified.

Then, they can securely log into the system to investigate the issue and take corrective measures. This solution helps organizations keep their on-premises systems secure and working at peak efficiency.

Considering Security in the Selection of Your Cloud Service Provider

All cloud solutions are not created equally. To identity the most secure cloud services, it’s important for organizations to take a closer look at the vendor’s security policies and built-in security mechanisms. This should include encrypted communications, data protection capabilities, and strong user authentication and password protection.

These mechanisms help protect organizations against hackers and other internet- based attacks. From an internal standpoint, they also ensure only those with defined privileges will be able to access or use resources, data and applications.

Organizations should also look at the back-end cloud platform on which the services are built. Tier-one cloud providers such as Microsoft have a global incident response team that works around the clock to mitigate attacks. The company also builds security into its cloud platform from the ground up, embedding mandatory security requirements into every phase of the development process. Top cloud providers also go out of their way to comply with international and industry-specific compliance standards, and participate in rigorous third-party audits which test and verify security controls.

Opening Up to Greater Connectivity and Security

Connecting an on-premises system to external applications does not invite threats. Instead, with the right vendor, organizations can use cloud services to strengthen and enhance the security of their onpremises systems.

These services provide the necessary updates, notifications and security mechanisms that keep on-premises systems free from common vulnerabilities that lead to more serious threats. They also help IT and security teams remain efficient and proactive in ensuring their systems are secure, and functioning at peak performance.

Here’s the truth—as adoption for the cloud increases, these cloud services will help organizations keep their on-premises system more secure than ever before.

This article originally appeared in the August 2017 issue of Security Today.

Featured

  • Allegion, Comfort Technologies Implement Mobile Credentials at the Artisan Apartment Homes in Florida

    Artisan Apartment Homes, a luxury apartment complex in Dunedin, Florida, recently transitioned from mechanical keys to electronic locks and centralized system software with support from Allegion US, a leading provider of security solutions, technology and services, and Florida-based Comfort Technologies, which specializes in deploying multifamily access control, IoT devices and software management solutions. Read Now

  • Mall of America Deploys AI-Powered Analytics to Enhance Parking Intelligence

    Mall of America®, the largest shopping and entertainment complex in North America, announced an expansion of its ongoing partnership with Axis Communications to deploy cutting-edge car-counting video analytics across more than a dozen locations. With this expansion, Mall of America (MOA) has boosted operational efficiency, improved safety and security, and enabled more informed decision-making around employee scheduling and streamlining transportation for large events. Read Now

  • Security Industry Association Launches New “askSIA” AI Tool

    The Security Industry Association (SIA) has unveiled a brand-new SIA member benefit – askSIA, a conversational AI agent designed to help users get the most out of their SIA membership, easily access SIA resources and find the latest information on SIA’s training and courses, reports and publications, events, certification offerings and more. SIA members can easily find askSIA by visiting the SIA homepage or looking for the askSIA icon in the top left of webpages. Read Now

    • Industry Events
  • Industry Embraces Mobile Access, Biometrics and AI

    A combination of evolving workplace dynamics, technology innovation and new user expectations is changing how people enter and interact with physical spaces. Access control is at the heart of these changes. Combined with biometrics and AI, mobile access control has become increasingly crucial for deploying entry solutions that are seamless, secure and adaptive to user needs. Read Now

  • Sustainable Video Solution Delivered for Landmark City of London Office Development

    An advanced, end-to-end video solution from IDIS, with a focus on reducing waste and costs, has helped a major office development in the City of London align its security with sustainability objectives. Read Now

New Products

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities