Banking on the Cloud

Banking on the Cloud

Cloud migration flourishes, but some cybersecurity questions persist

Walk the GSX or ISC West show floor and you will see ample evidence that cloud has arrived. Cloud (and cloud-like) video surveillance providers are entering the market and exhibiting at trade shows. Cloud migration is only expected to accelerate in coming years.

Industry analyst firm Novaira Insights, in January forecasted the number of cloud-connected cameras in the United States will increase at an 80 percent CAGR through 2026. Even the large legacy VMS players want in on cloud. We have seen them creating new cloud products or acquiring cloud companies in the past year.

As quickly as businesses are moving to the cloud, some questions and misconceptions – generally having to do with cybersecurity – persist. Here are five frequent questions we hear, followed by answers that explain how and why a trusted true cloud provider offers superior cybersecurity protection.

Is it safe to put your video surveillance data in the cloud? To answer this question, I like the bank analogy. Putting your video data in the cloud is like putting your money in the bank, while keeping your video data onsite is like putting your money under your mattress. Most people opt for the bank over the mattress. Why is that? It is because you trust banks to physically safeguard your cash, to take care of it in transit and to make it readily available to you when you need it.

If your bank is in Austin, Texas, but you’re in Portland, Maine, you can go to an ATM and securely withdraw cash. The same is true with cloud, your video data is secured, cared for in transit and can be accessed at anytime from anywhere.

Banks are staffed by experts who know how to manage and protect your money. Similarly, a true cloud provider has a team of professionals solely focused on protecting the security and integrity of your video data. It is the bread and butter of what they do. They monitor for problems; patch known vulnerabilities and constantly update the video management system with the latest features.

To have a similar level of service with your on-premises video system, you would need to hire a team of IT experts or get your reseller to visit all your locations daily to check on updates and perform regular and proactive maintenance checks.

I do not trust the internet and I am worried about cloud computing. I need some reassurance. Business owners and resellers do not necessarily think about it, but most business systems have already moved to the cloud. ERP systems and CRMs are cloud-based. Everyone uses online banking; people pay bills and taxes online. Cloud systems are used to manage business data, schools, medical information. Businesses and individuals trust the cloud with all kinds of personal, private and confidential data. Video is just another kind of data.

Of course, trust is an important part of the equation. It is always important to vet any cloud vendor, their credentials, audits completed, and to learn if they have a history of cybersecurity problems, but the bottom line is that many standard business systems are cloud-based. Video surveillance just happens to be one of the last systems to move to cloud.

Can cloud help if video data is lost? Yes. Redundancy is an important benefit of cloud. In fact, some cloud providers offer triple redundancy: Video is stored on three different discs and three different cloud servers. But it is more than redundancy of storage, cloud providers also offer application redundancy – that means the system's settings and user permissions are also protected. That is not the case if you are running an on-prem system and your server dies. If that happens, you not only lose video, but have lost settings for cameras and for staff permissions in your organization. That is a huge headache you don’t need to worry about with a true cloud provider.

Redundancy benefits in the cloud also extend to power. If you lose power in one location, you can still access video from that location. We have seen the importance of power redundancy all too clearly during recent weather events, especially for businesses with many remote offices.

Bad actors and insider threats are a huge problem today. How can cloud help? This should be a major concern for every business owner. Cloud offers better protection against insider threats. With an on-prem system, a bad actor could tamper with a hard drive causing severe damage to a business. That is much more difficult to do with a cloud video surveillance system because bad actors do not have access to the hardware.

In addition, cloud video surveillance systems have audit logs. When video is accessed from the cloud, the audit log shows who accessed what video and when. The audit also records the IP address, which shows the location of the person who accessed the video. These cloud features go a long way to deter and investigate insider threats.

I keep reading about cybersecurity vulnerabilities in security cameras, are special cameras required for cloud video surveillance? A true cloud provider is an open system that works with many different camera manufacturers. The business owner is not held hostage by a specific manufacturer in a true cloud system.

Cloud video management systems work with existing security cameras, new cameras, or a mix. However, all IOT devices are subject to cybersecurity vulnerabilities, and an infected camera can cause business disruptions or much worse. Some cloud providers have addressed this problem with camera cyber lockdown features that reduce maintenance while making cameras significantly more cybersecure.

Cyber lockdown prevents security cameras from communicating with the internet and it also blocks cybersecurity attack attempts from reaching the cameras. Even if a security camera has been previously infected with a virus, camera cyber lockdown features prevent the camera from communicating with the internet.

Cybersecurity is an ongoing process for all business owners, security integrators and for cloud providers as well. The threat landscape changes daily, and vigilance is an absolute necessity. Cloud providers should welcome questions from potential customers about cybersecurity.

Armed with facts, cybersecurity becomes another reason that business owners and resellers are rapidly adopting cloud video surveillance. True cloud offers inherently better cybersecurity. You can bank on it.

This article originally appeared in the September / October 2023 issue of Security Today.

Featured

  • Two Killed During Shooting at Wisconsin Christian School

    Two people were killed and five injured during a shooting at the Abundant Life Christian School in Madison, Wis. on Monday. Read Now

  • Security Industry Association Unveils First-Ever U.S. Economic Impact Study

    The Security Industry Association (SIA) has unveiled the first-ever national economic impact study on the security industry, highlighting the positive impact the security industry has on jobs, wages and federal and state revenue in the United States. The study, conducted by Florida-based John Dunham & Associates, uses the most current methodology and data available from 2024. Read Now

  • 7 Reasons Why Governments Need to Regulate AI

    Recently, Elon Musk unveiled two remarkable AI applications. A humanoid robot named Optimus, with its remarkable human-like speech and movements, and a fully autonomous car, absent steering wheel and pedals, called Cybercab. While these examples represent a broad trend of AI integration across industries, they highlight technology’s transformative potential, prompting a need for regulation to ensure it is used responsibly, securely and ethically. Read Now

  • OR Code Phishing on the Rise According to New Report

    KnowBe4 recently released its Q3 2024 Phishing Report. This quarter's findings reveal the most frequently clicked email subjects in simulated phishing tests, demonstrating the continued efficacy of HR and IT-related phishing attempts. KnowBe4’s Q3 2024 Phishing Report reveals that HR and IT-related phishing emails claim a significant 48.6% share of top-clicked phishing types globally. Despite evolving techniques by bad actors, phishing emails remain among the most prevalent tools for executing cyberattacks. Read Now

Featured Cybersecurity

Webinars

New Products

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3