The internet is a vast and interconnected network, making it susceptible to a wide range of threats. Because workers are becoming increasingly geographically distributed, remote camera access has become a table-stakes feature.
The challenge in the video surveillance industry is that most cameras are not secure. In fact, nearly all cameras stream unencrypted traffic natively, and connecting those cameras to the cloud is even more dangerous.
This shift highlights the need to protect personally identifiable information (PII) and, even more critically, biometric information. After all, these systems are observing every detail about your crucial physical assets: your people, your customers, your equipment, your products, your services, and more. This makes video your most valuable data asset.
In fact, the camera brands that are the most economical for customers, and the most dominant in the marketplace, are increasingly being banned by the US government due to backdoors and exploits that enable other nation states to access the footage.
Section 889 of the John S. McCain National Defense Authorization Act for Fiscal Year 2019 calls for the prohibition of “telecommunications and video surveillance services or equipment” such as cameras that are manufactured by specified Chinese companies. In other words, any company doing business with a federal agency, or bidding for a project using federal dollars – schools, public utility companies, state or city government contracts etc. – is prohibited from using any non-NDAA cameras and must use NDAA compliant cameras.
Zero-trust security for your video surveillance
In the context of surveillance systems, a zero-trust model or identity-based model refers to an approach where trust is never assumed, even within a trusted network environment.
Traditional security models often operate on the premise that everything within the network perimeter is trustworthy. However, a zero-trust model challenges this notion, asserting that trust must be continuously verified, regardless of whether the user or system is inside or outside the network perimeter. This means that every user, device, or application trying to access the system, regardless of their location, is treated as a potential security threat.
Access permissions are granted on a need-to-know basis and are dynamically adjusted based on various factors, including user identity, device security posture, and behavior patterns. By adopting a zero-trust model, organizations can significantly enhance the security of their video surveillance systems, ensuring that sensitive video data remains protected from unauthorized access, breaches, and other security risks.
For any surveillance system, it is highly recommended that you select a zero-trust model to best protect your data.
Cybersecurity of best-in-class camera systems
The best camera systems do not compromise on security and they also help ensure:
- Encryption
  - Data in Transit: Video is encrypted before being transmitted over networks. This ensures that even if intercepted, the data is unreadable to unauthorized individuals.
  - Data at Rest: Stored video is encrypted to protect it from physical theft or unauthorized access to databases or storage devices.
- Access control
  - Role-Based Access Control (RBAC): Access control policies that grant access to video data and particular features based on job roles and responsibilities.
  - Audit Logging: The most secure RBAC systems include audit and logging features to track and record access activities. This helps in monitoring and detecting security breaches and compliance with security policies.
- SSO / SAML integration
  - Centralized control over authentication and authorization improves security by allowing administrators to implement stronger authentication methods and enforce access policies consistently.
- Rotating / expiring tokens and keys
  - Rotating tokens and keys reduces the window of vulnerability. If an attacker gains access to a token or key, they have a limited time to misuse it before it becomes invalid.
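The access-control and token items above can be seen working together in the following added example, which is not code from any camera vendor or from this article's author. It issues short-lived HMAC-signed tokens, checks the caller's role for each video action, records every decision in an audit log, and shows that retiring a signing key invalidates tokens issued under it. The role names, key ids, key values and camera ids are constructed for illustration.

```python
import base64, hashlib, hmac, json

# Constructed sample data: roles, key ids and key bytes are hypothetical.
ROLE_PERMS = {"guard": {"live"}, "investigator": {"live", "playback"}}
KEYRING = {"k2": b"constructed-current-key", "k1": b"constructed-previous-key"}
CURRENT_KID = "k2"
AUDIT_LOG = []  # each entry: (time, user, action, camera, decision)

def _sign(kid, payload):
    return hmac.new(KEYRING[kid], payload, hashlib.sha256).hexdigest()

def issue_token(user, role, now, ttl=300):
    """Issue a token that expires after ttl seconds, signed with the current key."""
    body = json.dumps({"sub": user, "role": role, "exp": now + ttl}).encode()
    payload = base64.urlsafe_b64encode(body)
    return f"{CURRENT_KID}.{payload.decode()}.{_sign(CURRENT_KID, payload)}"

def authorize(token, action, camera, now):
    """Allow only a validly signed, unexpired token whose role permits the action."""
    decision, user = "deny:malformed", "?"
    try:
        kid, payload, sig = token.split(".")
        if kid not in KEYRING:
            decision = "deny:retired-key"
        elif not hmac.compare_digest(sig, _sign(kid, payload.encode())):
            decision = "deny:bad-signature"
        else:
            claims = json.loads(base64.urlsafe_b64decode(payload))
            user = claims["sub"]
            if now >= claims["exp"]:
                decision = "deny:expired"
            elif action not in ROLE_PERMS.get(claims["role"], set()):
                decision = "deny:role"
            else:
                decision = "allow"
    except (ValueError, KeyError, TypeError):
        pass  # any parse failure stays "deny:malformed"
    # Denials are logged as well as grants, so failed attempts can be monitored.
    AUDIT_LOG.append((now, user, action, camera, decision))
    return decision == "allow"

def rotate_key(new_kid, new_key, retire_kid=None):
    """Make new_key current; retiring an old key stops its tokens verifying."""
    global CURRENT_KID
    KEYRING[new_kid] = new_key
    CURRENT_KID = new_kid
    if retire_kid:
        KEYRING.pop(retire_kid, None)
```

Time is passed in as `now` so the expiry behavior is reproducible; a deployment would use its clock and keep keys in a secrets store rather than in source.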