Despite the many opportunities and advantages modern surveillance technology has brought us, it’s not hard to believe that many of the industry’s most experienced hands in the security industry look back on the simplicity of the ‘old days,’ with a smile. While advancements in video surveillance make a critical difference daily, making them indispensable in reality, modern problems like the growing complexity of cybersecurity threats can easily make one momentarily long for a simpler time. Keith Drummond, Senior Director of IDIS America, talks about the company’s approach to the growing challenge.
Has the growing complexity of cybersecurity been of interest to IDIS?
Drummond: At IDIS we’ve been very attuned to the challenge of complexity since day one, something we’ve addressed with our DirectIP™ line of end-to-end surveillance offerings, that are all truly plug-and-play, self-configuring, and easy to both install and use. And we’ve paid attention to the growing complexity in terms of keeping one’s surveillance infrastructure and the integrity of the data it captures safe and secure.
IDIS has consistently been one of South Korea and the world’s most innovative technology manufacturers, and its approach to cyber security follows in that tradition. We’ve aggressively considered cybersecurity concerns in our R&D process, looking not toward a one-size-fits-all solution (easily marketed, but not as effective) in lieu of a rich and comprehensive set of best practices, technologies, and features able to ensure the strongest protection of surveillance data. T
Where does it begin?
First and foremost, IDIS utilizes a dedicated IP camera subnet for video transmission, and keeping it separate from a customer’s corporate network makes it incredibly difficult to establish an unauthorized connection into the corporate network. We educate and encourage our installers and integration partners to design a physically separate network and partition an isolated VLAN on shared network equipment, making a difference from the time of installation by keeping video surveillance data away from the end-users existing corporate network.
How does IDIS use technology to secure video surveillance data?
The IDIS total solution approach is comprehensive, layered, and multi-pronged to ensure maximum security, focusing on three main areas: secure data access, secure data transmission, and secure data recording.
How does IDIS enhance secure data access?
Secure data access is enhanced with IDIS DirectIP® our proprietary mutual authentication system, supported by all IDIS IP products. DirectIP ensures both sides identify and recognize who they are communicating with before the communication session is established. Additionally, IDIS NVRs have their own firewall installed that monitors and controls incoming and outgoing network traffic based on a predetermined set of security rules, designed and pre-configured to prevent unauthorized access.
And the use of two factor authentication further secures the solution. To gain access to an IDIS NVR, the user must certify themselves with the IDIS Mobile App after going through the usual login process.
And secure data transmission?
We assure secure data transmission through TLS (transport layer security), the cryptographic protocol designed to provide communications security and data integrity over networks. We integrate TLS into IDIS’s proprietary data security solutions with minimal performance impact on video surveillance data transmission, while preventing malicious activities such as sniffing, modification, and destruction of data as it is transmitted between devices across a network.
Of particular note is FEN (For Every Network) security from IDIS, an access and data transmission security system independently developed by IDIS using point-to-point (P2P) technology. FEN is an automated network configuration service which simplifies installation of networked surveillance systems and enables users to setup and configure secure systems without needing a professional knowledge of the routers and NAT devices on the network.
And what about secure data recording?
We use iBank, a proprietary database system, independently developed by IDIS, specifically for video recording. This system maximizes storage efficiency and enables fast data processing. In addition, storage devices that implement the iBank solution cannot be read by external devices such as PCs, keeping the data safe from forgery and alterations. The iBank system is used in all IDIS’s recording systems.
Additionally, our Chained Fingerprint technology helps prevent data forgery and maintaining data integrity by extracting distinctive features of recorded video data to generate a “fingerprint” for each frame. It then embeds each fingerprint into the data of the next frame, connecting each frame together with the next like a blockchain. Video data created with Chained Fingerprint technology can be submitted to courts as evidence since an alteration to any frame is easily and quickly detectable, making it simple to prove the footage is authentic and unchanged.
And we use edge encryption recording technology to encrypt video data at the IP camera before storing and sending it over the network. Therefore, additional encryption and decryption processes on storage and data transmission systems are unneeded. With encrypted data is recorded directly to the SD cards and HDDs, the stored data is safe from unauthorized access or undetected alteration if the SD cards or HDDs are stolen.
How will IDIS address future threats?
As concerns have moved beyond physical attacks on a network, unauthorized deletion or copying, and the like, and as each innovation has opened up new vulnerabilities and challenges, IDIS has kept pace, with matching innovation, to keep the protection of one’s surveillance as simple, straightforward, and effective as possible. That’s been our approach and that will be our approach to doing all we can to help our partners and end-users face down these threats, no matter how they evolve.
The post Tackling the Very Modern Problem of Securing Video Surveillance appeared first on Security Sales & Integration.