Meeting Modern Video Surveillance Cybersecurity Challenges

SPONSORED

Meeting Modern Video Surveillance Cybersecurity Challenges

How one manufacturer’s comprehensive, multi-pronged approach to security helps prevent successful cyberattacks and simplify operations

In the past, security considerations for video surveillance were far simpler and easier to address. Typically, video surveillance systems were separate from the Local Area Networks (LAN) and the Internet, using direct connections via coaxial cable to send data directly to a recorder. Cybersecurity requirements were low due to this isolation, and primary concerns were physical attacks, including destruction of the equipment (most often the cameras), unauthorized deleting or copying of recorded data, severed video cabling, or the obstruction of lenses and views.

Today, many video surveillance systems use IP-based equipment, which sends recorded video across ethernet cabling to local, remote, and cloud-based recorders, often using the same LAN infrastructure that is used by general office workers. Additionally, remote monitoring and control of these systems via network clients or mobile applications is common. Modern systems also support data communication with third-party systems for access control, intrusion detection, and video analytics. Each opens up new cyber vulnerabilities and challenges, complicating the security picture for users as never before.

In the modern environment, the threat of cyberattack against a video surveillance system has greatly increased, making cybersecurity a top area of concern for customers and operators. The same local security issues of past systems are also still present and must be addressed in the overall security posture, while the integrity, confidentiality, and accessibility of video surveillance data must be further protected during recording, retrieval, and while in-transit—whether across the local network or across a public network to a remote location. Users look to manufacturers and the leveraging of modern technology, best practices, and features to meet these modern challenges.

South Korean technology innovator IDIS has consistently and aggressively considered cybersecurity concerns in their R&D process, focusing on developing a rich and comprehensive set of technologies and features to ensure maximum protections for end users of their popular end-to-end line of hardware and software solutions, a total solution hardening process that begins with a key best practice: the IDIS Total Solution uses a dedicated IP camera subnet for video transmission, separate from a customer’s corporate network, making it very difficult to establish an unauthorized connection into the corporate network. IDIS educates installers and integration partners to design a physically separate network, or to partition an isolated VLAN on shared network equipment, which begins making a difference from the time of installation through a fundamental first step: keeping video surveillance data away from the end-users existing corporate network.

The IDIS total solution features a comprehensive, layered, and multi-pronged approach to ensuring maximum cybersecurity for users. This approach incorporates enhanced secure data access, data transmission, and recording.

SECURE DATA ACCESS

IDIS DirectIP™

Network security through a powerful mutual authentication system

IDIS DirectIP® is a proprietary mutual authentication system, supported by all IDIS IP products. When IDIS IP cameras are connected to an IDIS NVR, both devices mutually authenticate each other automatically through DirectIP. This ensures both sides identify and recognize who they are communicating with before the communication session is established. The authentication data is stored and protected on both the IP camera and the NVR.

Firewall on NVR

IDIS Firewall on NVR utilizing IP and port authentication system

IDIS NVR products have their own firewall installed that monitors and controls incoming and outgoing network traffic based on a predetermined set of security rules, including IP, MAC address, and port authentication. The firewalls on IDIS NVR products are designed and pre-configured to prevent unauthorized access.
Two-Factor Authentication
Multi-factor authentication system utilizing user accounts and a registered mobile app
Two-factor authentication (2FA) is a type of multi-factor authentication system. To gain access to an IDIS NVR, the user needs to certify themselves with the IDIS Mobile App after going through the usual login process by typing in a user ID and password. All IDIS NVRs safely protect user accounts with 2FA.

SECURE DATA TRANSMISSION

TLS (Transport Layer Security)

Data transmission security system combines IDIS’s proprietary technology with TLS

TLS (Transport Layer Security) is a cryptographic protocol designed to provide communications security and data integrity over networks. By integrating TLS into IDIS’s proprietary data security solutions, there is minimal performance impact on video surveillance data transmission. TLS helps prevent malicious activities such as sniffing, modification, and destruction of data as it is transmitted between devices across a network.

FEN Security (For Every Network Security)

Access and data transmission security system over a public network

FEN from IDIS is an access and data transmission security system independently developed by IDIS using point-to-point (P2P) technology. FEN is an automated network configuration service which simplifies installation of networked surveillance systems. FEN enables the user to setup and configure secure surveillance systems without needing a professional knowledge of the routers and NAT devices on the network.

SECURE DATA RECORDING

iBank

Protect data using IDIS’s proprietary database system

IDIS iBank is a database system, independently developed by IDIS, specifically for video recording. This system maximizes storage efficiency and enables fast data processing. In addition, storage devices that implement the iBank solution cannot be read by external devices such as PCs, keeping the data safe from forgery and alterations. The iBank system is used in all IDIS’s recording systems.

Chained Fingerprint

Preventing data forgery and maintaining data integrity

IDIS’s Chained Fingerprint technology extracts distinctive features of recorded video data to create fingerprints for each frame and then embeds each fingerprint into the data of the next frame, connecting each frame together with the next like a blockchain. Video data created with Chained Fingerprint technology can be submitted to courts as evidence since an alteration to any frame is easily and quickly detectable, making it simple to prove the footage is authentic and unchanged. It is a highly efficient technology for ensuring and proving the integrity of users’ recorded video data.

Edge Encryption Recording

Efficient and powerful technology for encrypted video data recording

Edge Encryption Recording technology encrypts the video data at the IP camera before storing and sending it over the network. Therefore, additional encryption and decryption processes on storage and data transmission systems are not necessary. The encrypted data is recorded directly to the SD cards and HDDs, so the stored data is safe from unauthorized access and alteration if the SD cards or HDDs are stolen.

To learn more about the IDIS Total Solution and comprehensive cybersecurity protections, visit idisglobal.com/index/cybersecurity .

Featured

Featured Cybersecurity

Webinars

New Products

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3