How to Harden Your Video Surveillance System for Cybersecurity

-
How to Harden Your Video Surveillance System for Cybersecurity

Security is a top priority for companies doing business in the cloud. As the number of cloud-connected devices grows, so does the risk of data breaches. OpenEye recommends the following measures to harden your system for cybersecurity.

Network

Secure the network gateway

  • The gateway device (usually a router or modem that provides access to the internet) has a firewall that protects against cyberattacks. Verify that the firewall is on and that exceptions exist to allow outbound traffic on the ports used by your cloud-enabled devices, if applicable. 
  • Change the password of the gateway device. Most modems and routers have a widely published or easily guessed default password. Even if remote configuration of the gateway device is disabled, the password should be changed. 
  • Audit the open inbound ports on the gateway’s firewall. Some cloud platforms include networking features that eliminate the need to open inbound ports on a firewall to enable remote access. 

Isolate the camera network

  • Install cameras on an isolated network.
  • Connect cameras either to a PoE switch connected to the camera port on the recorder or directly to the recorder’s internal PoE ports. 

Audit network devices

Ensure default passwords have been changed on all devices, firmware and software are up to date, and anti-virus software is installed.

Cameras

  • Protect against physical tampering—physical tampering with a camera is the easiest way to compromise it. Consider using vandal resistant cameras where applicable and when possible, mount cameras so they are out of reach without the aid of a ladder.
  • Keep firmware current—An important part of preventing cyberattacks is keeping firmware updated to ensure the latest security patches are applied.

Recording

In systems using recorders on-premise, the recorder should provide a secure recording environment, but there are a few steps that can be taken to further ensure security. 

Secure passwords

  • Change the default password—one of the simplest ways to reduce vulnerability of a recorder is to change the password of the default admin account. 
  • Passwords of at least 12 characters including numbers and both lower and uppercase letters are recommended. 
  • Avoid the use of real words or names in the password. 

Avoid local user accounts

  • Adding user accounts to local recorders increases the probability of orphaned or outdated user accounts remaining on systems and potentially compromising them. 
  • User account management via the cloud is recommended as it allows for a single point of control for multiple recorders and easy configuration at a platform level. 

Keep software current

  • Keep software updated to ensure the latest security patches are applied. 
  • Software updates are typically digitally signed and can easily be installed from a secure cloud server.

Remote clients

  • Keep software updated to ensure the latest security patches are applied. 
  • Software updates are typically digitally signed and can easily be installed from a secure cloud server.

Cloud

  • Use multifactor authentication.
  • Create a user account for each user and avoid sharing accounts between multiple users.
  • Manage user access with groups.
  • Manage remote client access users. Access to remote clients should be restricted by need and location.

OpenEye cloud platform

When it comes to cybersecurity, the OpenEye Web Services open cloud platform allows users to easily manage their video surveillance system and seamlessly integrate with existing IT infrastructure to improve cybersecurity and reduce risk. Features include multifactor authentication (MFA), centralized user management, single sign-on to access remote clients, simple password reset process, digital signature verification, automated software updates, alerts, activity and system health reports, no open inbound ports, and more.

For further recommendations for secure installation, configuration and operation of the OWS platform, read the OpenEye Cybersecurity Hardening Guide.

About OpenEye

OpenEye, the cloud video platform company, provides solutions for video security, business intelligence and loss prevention. For over 20 years, it has been committed to developing an easy-to-use, comprehensive video management system backed by Heroic Customer Service® and support. OpenEye’s solutions are available globally through a trusted network of certified service providers. Visit openeye.net.


OpenEye is developing the future of surveillance in Liberty Lake, Washington