There have been vast improvements in security technology enabling organizations to utilize a variety of software and security tools in order to proactively provide staff and customers with a safe and secure environment. Security video has become mission-critical for many organizations, yet the combination of camera devices, switches, storage, and other network elements can leave organizations open to security vulnerabilities.
Most of the potential security breaches come down to a few key parts of the network that you need to pay attention to. Use this checklist as a starting point to proactively begin reducing security vulnerabilities in your organization today. Once security issues are found and resolved, AHS Security encourages you to refer back to this checklist to ensure that changes across your network still maintain the security of your security video network.
10 Point Checklist To Secure Your Video Network
1. Set or Reset Camera Passwords Frequently.
Ensuring that all default camera passwords have been changed upon installation is a key security feature that can be one of the most-overlooked. This is also the most basic security flaw found and the risk level is high because default passwords often can be found online. As part of initial deployment all camera devices should have unique passwords set.
2. Failed Login Attempts
Most network security platforms provide alerts upon multiple failed login attempts. Multiple failed login attempts can be a sign that hackers are attempting to breach security. Security video networks typically have multiple points of entry, all of which should be observed for this behavior.
3. Disable USB Access
Do you currently have open USB ports in your organizations security network? Eliminating physical or logical access through USB devices prevents malicious agents or malware from being injected into the video security network. There are both physical and logical ways to restrict USB access.
4. Outsiders on Production Network
Eliminate access to the production network by third parties onsite. Unmanaged access can lead to video content being removed or deleted by third party service providers. Safeguard against laptops, tablets or other devices connecting to the production network, and provide a sandbox or non-production network to verify fixes.
5. Unknown or Unverified Device Connections
Every network should have an automated alert process if unknown devices (e.g. non-authorized devices like laptops, etc) are attached to the network. In general, using wired connections avoid “honeypot” threats.
6. No VPN Access
Set a policy to never allow VPN access to your security video network. Allowing VPN access is VERY risky because there is no control over who is on other end, and no audit trail. Diagnostic information should not require VPN or other form of remote login.
7. Keep Diagnostic Data Elsewhere
Keep a separate repository for diagnostic data. The diagnostic data for the video security network should be stored in a different location from both the production network and video stream data this proactively protects against any malicious tampering.
8. Track Video File Deletions
Any unauthorized file deletions/ modifications should trigger an alert. Unauthorized file deletions may cause you to violate retention policies or otherwise fail compliance requirements.
9. Camera Device Tampering
Set up automated alerts to be in place in the event that the camera device has been tampered with (the lens is covered, the power disabled, etc). Tampering will reduce or eliminate both situational awareness and evidentiary records. These automated alerts should trigger both physical and automated security processes to ensure no data is lost.
10. Software Drivers & Firmware
Always make sure your network is running the most current and secure software. Automate systems enabling them to check drivers and firmware to detects if an up-to-date to any drivers are needed. Tracking software drivers & firmware prevents older versions that are susceptible to security breaches from remaining on your network.
If you like the ideas we’ve discussed today, give us a call and we can help you take the appropriate measures to protect your staff, equipment, and customers. Providing you with peace of mind.
Does Network Security sound like the right solution for you? Contact AHS Security Today