Banking on the Cloud

Cloud migration flourishes, but some cybersecurity questions persist

• By Hans Kahler
• Sep 18, 2023

Walk the GSX or ISC West show floor and you will see ample evidence that cloud has arrived. Cloud (and cloud-like) video surveillance providers are entering the market and exhibiting at trade shows. Cloud migration is only expected to accelerate in coming years.

Industry analyst firm Novaira Insights, in January forecasted the number of cloud-connected cameras in the United States will increase at an 80 percent CAGR through 2026. Even the large legacy VMS players want in on cloud. We have seen them creating new cloud products or acquiring cloud companies in the past year.

As quickly as businesses are moving to the cloud, some questions and misconceptions – generally having to do with cybersecurity – persist. Here are five frequent questions we hear, followed by answers that explain how and why a trusted true cloud provider offers superior cybersecurity protection.

Is it safe to put your video surveillance data in the cloud? To answer this question, I like the bank analogy. Putting your video data in the cloud is like putting your money in the bank, while keeping your video data onsite is like putting your money under your mattress. Most people opt for the bank over the mattress. Why is that? It is because you trust banks to physically safeguard your cash, to take care of it in transit and to make it readily available to you when you need it.

If your bank is in Austin, Texas, but you’re in Portland, Maine, you can go to an ATM and securely withdraw cash. The same is true with cloud, your video data is secured, cared for in transit and can be accessed at anytime from anywhere.

Banks are staffed by experts who know how to manage and protect your money. Similarly, a true cloud provider has a team of professionals solely focused on protecting the security and integrity of your video data. It is the bread and butter of what they do. They monitor for problems; patch known vulnerabilities and constantly update the video management system with the latest features.

To have a similar level of service with your on-premises video system, you would need to hire a team of IT experts or get your reseller to visit all your locations daily to check on updates and perform regular and proactive maintenance checks.

I do not trust the internet and I am worried about cloud computing. I need some reassurance. Business owners and resellers do not necessarily think about it, but most business systems have already moved to the cloud. ERP systems and CRMs are cloud-based. Everyone uses online banking; people pay bills and taxes online. Cloud systems are used to manage business data, schools, medical information. Businesses and individuals trust the cloud with all kinds of personal, private and confidential data. Video is just another kind of data.

Of course, trust is an important part of the equation. It is always important to vet any cloud vendor, their credentials, audits completed, and to learn if they have a history of cybersecurity problems, but the bottom line is that many standard business systems are cloud-based. Video surveillance just happens to be one of the last systems to move to cloud.

Can cloud help if video data is lost? Yes. Redundancy is an important benefit of cloud. In fact, some cloud providers offer triple redundancy: Video is stored on three different discs and three different cloud servers. But it is more than redundancy of storage, cloud providers also offer application redundancy – that means the system's settings and user permissions are also protected. That is not the case if you are running an on-prem system and your server dies. If that happens, you not only lose video, but have lost settings for cameras and for staff permissions in your organization. That is a huge headache you don’t need to worry about with a true cloud provider.

Redundancy benefits in the cloud also extend to power. If you lose power in one location, you can still access video from that location. We have seen the importance of power redundancy all too clearly during recent weather events, especially for businesses with many remote offices.

Bad actors and insider threats are a huge problem today. How can cloud help? This should be a major concern for every business owner. Cloud offers better protection against insider threats. With an on-prem system, a bad actor could tamper with a hard drive causing severe damage to a business. That is much more difficult to do with a cloud video surveillance system because bad actors do not have access to the hardware.

In addition, cloud video surveillance systems have audit logs. When video is accessed from the cloud, the audit log shows who accessed what video and when. The audit also records the IP address, which shows the location of the person who accessed the video. These cloud features go a long way to deter and investigate insider threats.

I keep reading about cybersecurity vulnerabilities in security cameras, are special cameras required for cloud video surveillance? A true cloud provider is an open system that works with many different camera manufacturers. The business owner is not held hostage by a specific manufacturer in a true cloud system.

Cloud video management systems work with existing security cameras, new cameras, or a mix. However, all IOT devices are subject to cybersecurity vulnerabilities, and an infected camera can cause business disruptions or much worse. Some cloud providers have addressed this problem with camera cyber lockdown features that reduce maintenance while making cameras significantly more cybersecure.

Cyber lockdown prevents security cameras from communicating with the internet and it also blocks cybersecurity attack attempts from reaching the cameras. Even if a security camera has been previously infected with a virus, camera cyber lockdown features prevent the camera from communicating with the internet.

Cybersecurity is an ongoing process for all business owners, security integrators and for cloud providers as well. The threat landscape changes daily, and vigilance is an absolute necessity. Cloud providers should welcome questions from potential customers about cybersecurity.

Armed with facts, cybersecurity becomes another reason that business owners and resellers are rapidly adopting cloud video surveillance. True cloud offers inherently better cybersecurity. You can bank on it.

This article originally appeared in the September / October 2023 issue of Security Today.