Banking on the Cloud -- Security Today

Banking on the Cloud

Cloud migration flourishes, but some cybersecurity questions persist

By Hans Kahler
Sep 18, 2023

Walk the GSX or ISC West show floor and you will see ample evidence that cloud has arrived. Cloud (and cloud-like) video surveillance providers are entering the market and exhibiting at trade shows. Cloud migration is only expected to accelerate in coming years.

Industry analyst firm Novaira Insights, in January forecasted the number of cloud-connected cameras in the United States will increase at an 80 percent CAGR through 2026. Even the large legacy VMS players want in on cloud. We have seen them creating new cloud products or acquiring cloud companies in the past year.

As quickly as businesses are moving to the cloud, some questions and misconceptions – generally having to do with cybersecurity – persist. Here are five frequent questions we hear, followed by answers that explain how and why a trusted true cloud provider offers superior cybersecurity protection.

Is it safe to put your video surveillance data in the cloud? To answer this question, I like the bank analogy. Putting your video data in the cloud is like putting your money in the bank, while keeping your video data onsite is like putting your money under your mattress. Most people opt for the bank over the mattress. Why is that? It is because you trust banks to physically safeguard your cash, to take care of it in transit and to make it readily available to you when you need it.

If your bank is in Austin, Texas, but you’re in Portland, Maine, you can go to an ATM and securely withdraw cash. The same is true with cloud, your video data is secured, cared for in transit and can be accessed at anytime from anywhere.

Banks are staffed by experts who know how to manage and protect your money. Similarly, a true cloud provider has a team of professionals solely focused on protecting the security and integrity of your video data. It is the bread and butter of what they do. They monitor for problems; patch known vulnerabilities and constantly update the video management system with the latest features.

To have a similar level of service with your on-premises video system, you would need to hire a team of IT experts or get your reseller to visit all your locations daily to check on updates and perform regular and proactive maintenance checks.

I do not trust the internet and I am worried about cloud computing. I need some reassurance. Business owners and resellers do not necessarily think about it, but most business systems have already moved to the cloud. ERP systems and CRMs are cloud-based. Everyone uses online banking; people pay bills and taxes online. Cloud systems are used to manage business data, schools, medical information. Businesses and individuals trust the cloud with all kinds of personal, private and confidential data. Video is just another kind of data.

Of course, trust is an important part of the equation. It is always important to vet any cloud vendor, their credentials, audits completed, and to learn if they have a history of cybersecurity problems, but the bottom line is that many standard business systems are cloud-based. Video surveillance just happens to be one of the last systems to move to cloud.

Can cloud help if video data is lost? Yes. Redundancy is an important benefit of cloud. In fact, some cloud providers offer triple redundancy: Video is stored on three different discs and three different cloud servers. But it is more than redundancy of storage, cloud providers also offer application redundancy – that means the system's settings and user permissions are also protected. That is not the case if you are running an on-prem system and your server dies. If that happens, you not only lose video, but have lost settings for cameras and for staff permissions in your organization. That is a huge headache you don’t need to worry about with a true cloud provider.

Redundancy benefits in the cloud also extend to power. If you lose power in one location, you can still access video from that location. We have seen the importance of power redundancy all too clearly during recent weather events, especially for businesses with many remote offices.

Bad actors and insider threats are a huge problem today. How can cloud help? This should be a major concern for every business owner. Cloud offers better protection against insider threats. With an on-prem system, a bad actor could tamper with a hard drive causing severe damage to a business. That is much more difficult to do with a cloud video surveillance system because bad actors do not have access to the hardware.

In addition, cloud video surveillance systems have audit logs. When video is accessed from the cloud, the audit log shows who accessed what video and when. The audit also records the IP address, which shows the location of the person who accessed the video. These cloud features go a long way to deter and investigate insider threats.

I keep reading about cybersecurity vulnerabilities in security cameras, are special cameras required for cloud video surveillance? A true cloud provider is an open system that works with many different camera manufacturers. The business owner is not held hostage by a specific manufacturer in a true cloud system.

Cloud video management systems work with existing security cameras, new cameras, or a mix. However, all IOT devices are subject to cybersecurity vulnerabilities, and an infected camera can cause business disruptions or much worse. Some cloud providers have addressed this problem with camera cyber lockdown features that reduce maintenance while making cameras significantly more cybersecure.

Cyber lockdown prevents security cameras from communicating with the internet and it also blocks cybersecurity attack attempts from reaching the cameras. Even if a security camera has been previously infected with a virus, camera cyber lockdown features prevent the camera from communicating with the internet.

Cybersecurity is an ongoing process for all business owners, security integrators and for cloud providers as well. The threat landscape changes daily, and vigilance is an absolute necessity. Cloud providers should welcome questions from potential customers about cybersecurity.

Armed with facts, cybersecurity becomes another reason that business owners and resellers are rapidly adopting cloud video surveillance. True cloud offers inherently better cybersecurity. You can bank on it.

This article originally appeared in the September / October 2023 issue of Security Today.

Featured

The Next Generation

Video security technology has reached an inflection point. With advancements in cloud infrastructure and internet bandwidth, hybrid cloud solutions can now deliver new capabilities and business opportunities for security professionals and their customers. Read Now
- IP Video
Help Your Customer Protect Themselves

In the world of IT, insider threats are on a steep upward trajectory. The cost of these threats - including negligent and malicious employees that may steal authorized users’ credentials, rose from $8.3 million in 2018 to $16.2 million in 2023. Insider threats towards physical infrastructures often bleed into the realm of cybersecurity; for instance, consider an unauthorized user breaching a physical data center and plugging in a laptop to download and steal sensitive digital information. Read Now
- Cybersecurity
Enhanced Situation Awareness

Did someone break into the building? Maybe it is just an employee pulling an all-nighter. Or is it an actual perpetrator? Audio analytics, available in many AI-enabled cameras, can add context to what operators see on the screen, helping them validate assumptions. If a glass-break detection alert is received moments before seeing a person on camera, the added situational awareness makes the event more actionable. Read Now
- Artificial Intelligence
Transformative Advances

Over the past decade, machine learning has enabled transformative advances in physical security technology. We have seen some amazing progress in using machine learning algorithms to train computers to assess and improve computational processes. Although such tools are helpful for security and operations, machines are still far from being capable of thinking or acting like humans. They do, however, offer unique opportunities for teams to enhance security and productivity. Read Now
- Artificial Intelligence

Webinars

Hanwha Vision (formerly Hanwha Techwin), Eagle Eye Networks Inc, Salient Systems

Smart Buildings: Focus on Networking and Video Surveillance
The State of Safe Web Browsing in Enterprises Today
BriefCam

AI-Driven Video Analytics: The Foundation for Your Security Tech Stack

Whitepapers

Axis Communications, Inc.

Virginia School Security Grants
ASSA ABLOY

The evolution of data center security: Safeguarding critical assets in today’s data centers
Winsted Corporation

All-Star Lineup

New Products

Connect ONE®

Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation. 3
FEP GameChanger

Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3
Compact IP Video Intercom

Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3