August 6, 2020
Checklist: 12 Ways to Keep Your Video Network Secure
Read Time / 3 min.
This blog post includes excerpts from the article, “Securing Your Video Security Network: A 12-Point Checklist”. To download the full checklist, click here.
Video surveillance has become mission-critical for many organizations, yet the combination of camera devices, encoders, switches, storage and other network elements may leave your business open to security vulnerabilities.
These components and devices have become targets in recent years for hackers looking to gain entry to a corporate network. However, many of the potential security breaches come down to a few key parts of the network that you need to pay attention to.
By following the checklist below, you can have increased visibility of your video security system and a stronger defense against potential attacks.
1. Change Default Camera Passwords
Have all default camera passwords been changed? This is one of the most overlooked and also most basic security flaws. The risk of this is great because default passwords often can be found online. As part of initial deployment, all camera devices should have unique passwords set.
2. Look for Signs of Failed Login Attempts
Is your network able to provide alerts on multiple failed login attempts? Multiple failed login attempts are a sign that hackers are attempting to breach security. Security video networks typically have multiple points of entry, all of which should be observed for this behavior.
3. Don’t Allow VPN Access
Have you set a policy to never allow VPN access to your security video network? Allowing VPN access is risky, because there is no control over who is on other end, and no audit trail. Diagnostic information should not require VPN or other form of remote login.
4. Limit Access to Production Network
Can the production network be accessed by third parties on-site? Unmanaged access can lead to video content being removed or deleted by third-party service providers. Safeguard against laptops or other devices connecting to the production network, and provide a sandbox or non-production network to verify fixes.
5. Eliminate USB Device Access
Are there open USB ports in your security network? Eliminating physical or logical access through USB devices prevents malicious agents or malware from being injected into the video security network. There are both physical and logical ways to restrict USB access.
6. Track Software Drivers & Firmware
Do you know if you are using the most current (and secure) software? Automated checking of drivers and firmware detects if an up-to-date driver is replaced with earlier versions. Tracking software drivers and firmware prevents older versions that are susceptible to security breaches from remaining on your network.