Make Your Metadata Cybersecure

We all know that physical security devices capture a massive amount of information about the environment in which they’re deployed. When categorized and searched efficiently, that data transforms into actionable intelligence to better protect the organization. That is where metadata comes into play.

Metadata is often generated in conjunction with a digital file – be it a video image, a sensor reading, or a sound wave – to describe the file and its contents.

For example, a digital image file may include metadata like the date and time the image was captured, its location, as well as the camera ID and settings used. The metadata can also include details such as the type of object (vehicle, person, animal, etc.), its size, how fast it is moving, even the direction of its movement. In essence, the metadata provides a table of contents for the data to simplify the process of understanding, sorting, and locating the data it represents.

Business Intelligence
With metadata, multiple stakeholders can extract different business intelligence from the same data source. For example, a security camera can read license plates to bar unauthorized vehicles from entering a restricted parking facility. It can also count cars, compare that number to garage capacity, and automatically trigger electric signage directing vehicles to an overflow parking lot.

A security camera that watches a fire exit to prevent illegal usage can also alert on detecting a blocked exit, enabling the organization to avoid fire code violations and costly fines. Or security cameras watching for theft at a construction site can also be used to detect whether construction workers are wearing their personal protective equipment as OSHA requires.

It is the metadata that makes it possible for security camera data to contribute to operational efficiency and inform pivotal business decisions. For instance, cameras could confirm QA/QC activity on a production line to help reduce costly waste or frequent remakes. Or the data they collect could help the company find events affecting workflow and operation uptime, which in an industry like automotive or circuit board manufacturing could save millions of dollars in lost production time and help management figure out ways to increase output.

While this might seem like an ideal synergy – using the same device to channel critical insights to multiple stakeholders – it raises significant concerns about the safety and integrity of data flowing between systems.

Becoming a Target for Infiltrating Critical Systems
Once security cameras primarily designed for physical security tasks start streaming data and metadata to enterprise operational and business systems, their visibility increases. Instead of being largely ignored by hackers, they suddenly become high-value targets that can be used to infiltrate and bring down vital production and business operations.

In the past, physical security solutions operated on their own independent networks. Or IT sequestered the physical security system in a separate zone on the network, isolating it from any critical business and production functions. These decisions were made because IT did not trust that the cybersecurity measures on those devices were up to IT standards.

What IT Expects from Devices on its Network
For many physical security system manufacturers, software developers and users, IT-level cybersecurity is a new ball game. To play in IT’s sandbox, physical security devices will need things like:

  • Multilayer encryption
  • Certificate protocols
  • Zero-trust architecture
  • Automated onboarding and provisioning
  • Active Directory and Single sign-on
  • Lifecycle management

These are not new security protocols. They have been standard requirements in IT systems for more than a decade. But many are new to physical security devices.

Understanding These Security Protocols
IT security protocols serve two purposes: protecting the integrity of systems and data and making it easier to manage the devices on the network.

Multilayer encryption. While most physical security devices can encrypt data, IT security protocols take encryption to the next level. Employing multiple encryption layers and multiple encryption keys makes it more difficult for malicious attackers to gain access to the data stream. For example, MACsec encryption might be used at layer two for services like DHCP, NTP and ARP while HTTPS might be used at layer seven for API calls and WebGUI.

Certificate management. Many security devices employ certificates, digital documents that verify a device’s identity on the network and underpin the encryption used to transmit its data. However, most physical security devices don’t support certificate management protocols like EST (Enrollment over Secure Transport) or SCEP (Simple Certificate Enrollment Protocol). These protocols automate the process of installing and replacing device certificates. Since certificates are crucial for encryption and authentication, it is unlikely that IT would approve devices that require manual certificate management.

Zero-trust architecture. IT relies on zero-trust architecture to minimize the radius of damage should a breach occur. This entails micro-segmenting sensitive resources, using end-to-end encryption, continuously monitoring user and device behavior for anomalies, and implementing robust incident response and recovery mechanisms. To support that goal, IT needs to be able to verify the authenticity of physical security devices before authorizing their access to the network.

In addition to protecting network access, zero-trust architecture enables IT to automate device enrollment, which, depending on the number of security devices being introduced to the network, can be a critical time saver.

That is why IT wants security devices that can be onboarded and provisioned automatically through secure network protocols. For instance, devices that use device IDs or 802.1AR can be loaded onto the network automatically, right out of the box. Once the device is installed, the policy engine server on the network checks the device’s ID and its associated policies, such as which ports to open.

So, the IT administrator doesn’t have to touch the device or assign it an IP address or a VLAN. To simplify things further, while the device is on a provisional VLAN, IT can harden it with management software.
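The onboarding decision described above can be sketched as a default-deny policy check. This is an added example, not code from the article or from any vendor; the CA name, serials, VLAN numbers and ports are constructed, and it assumes the certificate chain has already been validated upstream and is handed to the policy engine as a flag.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# All names, VLAN numbers and ports are constructed for illustration.
TRUSTED_MANUFACTURER_CAS = {"Example Camera Co Device CA"}
DECOMMISSIONED_SERIALS = {"CAM-0007"}
QUARANTINE = {"vlan": 999, "ports": []}
PROVISIONAL = {"vlan": 210, "ports": [443]}   # management software only
POLICIES = {"camera": {"vlan": 120, "ports": [443, 554]}}

@dataclass
class DeviceIdentity:
    serial: str
    device_class: str
    issuer_ca: str
    chain_valid: bool        # result of upstream certificate chain validation
    not_after: datetime
    hardened: bool = False   # set once management software has hardened it

def authorize(dev: DeviceIdentity, now: datetime) -> dict:
    """Return network placement; any failed check sends the device to quarantine."""
    reasons = []
    if not dev.chain_valid:
        reasons.append("certificate chain not valid")
    if dev.issuer_ca not in TRUSTED_MANUFACTURER_CAS:
        reasons.append("issuer is not a trusted manufacturer CA")
    if dev.not_after <= now:
        reasons.append("device certificate expired")
    if dev.serial in DECOMMISSIONED_SERIALS:
        reasons.append("device is decommissioned")
    if dev.device_class not in POLICIES:
        reasons.append("no policy for device class")
    if reasons:
        return {**QUARANTINE, "state": "quarantine", "reasons": reasons}
    if not dev.hardened:
        # Verified but not yet hardened: provisional VLAN, management port only.
        return {**PROVISIONAL, "state": "provisional", "reasons": []}
    return {**POLICIES[dev.device_class], "state": "production", "reasons": []}

if __name__ == "__main__":
    now = datetime(2025, 6, 1, tzinfo=timezone.utc)
    far = datetime(2099, 12, 31, tzinfo=timezone.utc)
    cam = DeviceIdentity("CAM-0001", "camera", "Example Camera Co Device CA", True, far)
    print(authorize(cam, now))    # provisional until hardened
    cam.hardened = True
    print(authorize(cam, now))    # production policy applied
```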

Active directory and single sign-on. In physical security systems, administrators tend to manage user privileges in local accounts. But in an enterprise environment, IT security protocols require that network devices be managed more securely through a centralized user rights management service like Active Directory.

To operate in this global enterprise domain, physical security devices would need to support protocols like OAuth 2.0, an IT industry standard for authorization. This would allow the physical security device to be managed more efficiently, the way servers and other IoT devices are managed on the IT network.

For instance, with Active Directory, HR could delete a resigning security officer from the Active Directory, which would automatically revoke their access privileges for all devices across the entire network at once.

Working with Active Directory also allows security devices to support Single sign-on, an authentication service that allows users to log in once to access multiple services without re-entering their user ID and password. This also allows IT to activate more secure authentication features like 2FA or MFA on these devices, adding another layer of network protection.

Lifecycle management. Because cybersecurity risks exist at every stage of a device’s lifecycle, IT needs to be able to manage the security of every device on the network from the time it is onboarded until it is decommissioned and removed. IT will be looking for security devices that support features like secure boot, which ensures that the device is free of unauthorized software modifications prior to connecting to the network.

They will also want to be able to batch process security tasks like security patches, bug fixes, and upgrades to device operating systems. In addition, IT will want devices that allow them to easily manage device credentials, deploy certificates, disable unused services, and verify removal of outdated devices no longer supported by their manufacturers, which, unless detached, could become potential attack vectors.
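The lifecycle and certificate checks described above lend themselves to a batch audit over a device inventory. This is an added example, not part of the original article; the inventory records, field names, service baseline and renewal window are constructed assumptions rather than any vendor's schema.

```python
from datetime import date

# Constructed inventory; field names are hypothetical, not a vendor schema.
INVENTORY = [
    {"id": "cam-lobby-01", "secure_boot": True,
     "support_ends": date(2030, 1, 1), "cert_expires": date(2025, 7, 10),
     "enrollment": "EST", "services": {"https"}},
    {"id": "cam-dock-02", "secure_boot": False,
     "support_ends": date(2024, 6, 30), "cert_expires": date(2025, 7, 1),
     "enrollment": None, "services": {"https", "telnet", "ftp"}},
]
ALLOWED_SERVICES = {"https", "rtsp"}   # assumed site baseline
RENEWAL_WINDOW_DAYS = 30               # assumed renewal lead time

def audit(device: dict, today: date) -> list:
    """Return lifecycle findings for one device record."""
    findings = []
    if not device["secure_boot"]:
        findings.append("secure boot not enabled")
    if device["support_ends"] < today:
        findings.append("past manufacturer support; schedule removal")
    extra = sorted(device["services"] - ALLOWED_SERVICES)
    if extra:
        findings.append("disable unused services: " + ", ".join(extra))
    days_left = (device["cert_expires"] - today).days
    if days_left < 0:
        findings.append("certificate expired")
    elif days_left <= RENEWAL_WINDOW_DAYS:
        # Devices without EST or SCEP need a person to replace the certificate.
        how = "automatic" if device["enrollment"] in {"EST", "SCEP"} else "manual"
        findings.append(f"certificate expires in {days_left} days ({how} renewal)")
    return findings

def audit_all(inventory: list, today: date) -> dict:
    """Audit every device and key the findings by device id."""
    return {d["id"]: audit(d, today) for d in inventory}

if __name__ == "__main__":
    for dev_id, findings in audit_all(INVENTORY, date(2025, 6, 15)).items():
        print(dev_id, findings or ["no findings"])
```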

Can these security protocols be retrofitted to legacy physical security devices? In most cases, the answer is no. One might be able to retrofit certificate management like EST or SCEP, but not zero-trust features. Things like a device’s digital identity need to be baked into the product at the start for it to be trusted. If security device manufacturers plan to follow these more stringent requirements, they’ll need to revamp their production process.

Investing in Cross-breach Prevention
As more stakeholders avail themselves of physical security metadata for business intelligence and operational efficiency, opportunities increase for organizations to identify ways to improve their bottom line. But using that data stream also increases the visibility of physical security devices, making them tempting targets for attackers to exploit.

Without IT-level security protocols on these devices, the potential for a breach into critical IT systems can escalate. On the other hand, having these protocols in place not only helps prevent system corruption and operation disruption, but it also assures the integrity and authenticity of the data being shared.

This article originally appeared in the May / June 2025 issue of Security Today.
