Facing a Smart Reality

In keeping with this week’s National Cyber Security Awareness Month (NCSAM) theme – “Today’s Predictions for Tomorrow’s Internet” – Johnson Controls, through its Cyber Protection Program for security products, focuses on how to get cyber-smart about the devices we use.

Without a doubt, the Internet of Things (IoT) brings many benefits and allows us to be more productive. These devices form the framework of the smart cities and smart homes that are increasingly becoming part of everyday lives. However, as business and security professionals, we need to be aware that those benefits can only be safely realized if our Internet-connected devices are on a path to increase security.

Smart use of smart devices

Here are some tips to keep your data, identity, and devices safe in a “smart”, connected world.

While these tips are geared towards smarter use of smart devices, they may also apply to your security systems.

  • Know the devices that are on your network. Most importantly, know their functions and connection to other devices. You can’t secure what you don’t know about, and interconnections are common. Use automated tools to inventory your network regularly and train employees on your BYOD (bring your own device) policies.
  • Make sure you understand what risk these devices can present. It is important to know the type of information being stored and transmitted. As the device owner, you are ultimately responsible for the data on that device. Saying you didn’t know the device contained or transmitted private or sensitive information will not prevent your company from the potential consequences of violating a regulation or law regulating the storage, use and transmission of personal and other information.
  • Segment and segregate your IoT devices onto their own separate network. Keeping IoT devices separate from other business or critical operational networks can help prevent them from becoming an entry point for attackers. If an IoT device must be connected to a business network, make sure that the device only has access to the systems it needs to properly function.
  • Secure your Wi-Fi network. Open Wi-Fi networks are an easy entry point for cybercriminals into a network. Always change the default password for your Wi-Fi (and other devices). Also, keep in mind that older versions of wireless security protocols such as WEP and WPA are insecure and can be easily hacked. Device owners should stay aware of and migrate to the strongest wireless protocols available.

Depending on your role and technical expertise, you may not be able to do all of the above yourself. Most likely, you will need to work with your company’s IT teams and trusted integrator who is committed to cybersecurity, but it’s always worth being aware and taking control where you can.

That being said, to find out how you can become a pro at cybersecurity, stay tuned for next week’s post.

If you missed our previous National Cyber Security Awareness Month blogs, read them here:

>> Week 1 – The basics of staying safe online

>> Week 2 – Cybersecurity in your workplace

We also encourage you to visit the Cyber Protection Program website for security advisories and resources on topics related to your cybersecurity.

 

Cyber Security in the Workplace

As National Cyber Security Awareness Month (NCSAM) moves into week two, Johnson Controls, through the Cyber Protection Program for security products, turns from last week’s post on staying safe online to this week’s theme, focusing on cybersecurity in the workplace.

Wherever you are in the hierarchy, and no matter the size of your organization, you have an important role to play in keeping your business cyber-safe.

How can you protect yourself and your workplace, and strengthen your cyber resilience? It’s a matter of simple vigilance, and good cyber hygiene. Start with these four principles:

  • Keep your software and operating systems up-to-date. System and software version updates are there for a reason. Beyond giving you access to additional functionality, keeping your operating system and software applications up-to-date is an effective way to fix known vulnerabilities so hackers can’t take advantage of them. If you can’t always keep the software up-to-date because of dependencies, consider putting in other controls to mitigate the vulnerabilities that were discovered and fixed in the updated versions.
  • Backup everything, and do a test restore. Yes, you’ve heard this a hundred times. But it is that important! There are so many ways data can be lost, including malware, viruses, theft, computer malfunctions and accidental deletion. That’s why you should always make electronic and physical copies of all your important work and system data, and make sure there is a copy stored in a safe place. For critical business data, backups should be stored at a separate location. If you store your backup data online, make sure it is not normally accessible from your current network, so that ransomware or other malware can’t get to it.
  • Disable any protocols for remote connectivity, unless constantly required for day-to-day operations. This includes protocols such as Telnet, SSH, FTP, SFTP, RDP/XRDP, ONVIF, UPnP, and VNC. Even if the protocols are used for occasional remote support or troubleshooting, it’s better to keep them disabled and only activate them when needed.
  • Periodically review accounts and privileges, and update them accordingly. Each system user’s privileges or roles should be defined as what they need to get their job done, no more. It’s not uncommon for there to be “privilege creep” for accounts, where additional privileges are granted for a specific one-time task and then never removed. Similarly, accounts for users who no longer need access should be dealt with according to your company’s policy.

In a nutshell: Cybersecurity at work is a shared responsibility to help reduce susceptibility to threats and attacks.

In next week’s post we will move on to smart use of smart devices. Until then, make sure to visit the Cyber Protection Program for security products website for product advisories and resources on matters related to your cybersecurity.

Seven Simple Steps to Staying Safe Online

Throughout the month of October, Johnson Controls, through the Cyber Protection Program for security products, is supporting the National Cyber Security Awareness Month (NCSAM) mission to raise awareness about the importance of cybersecurity, and individual cyber posture. NCSAM is an initiative of the U.S. Department of Homeland Security, together with the National Cyber Security Alliance and other public and private partners.

Each week the NCSAM will highlight a different theme – beginning with Simple Steps to Online Safety. In line with this, the following are some practical tips for simple things everyone can do protect themselves online.

While some of this is likely familiar to you, it’s always worth refreshing.

Practice good password hygiene

All of your online accounts – including your work email, online shopping, and social media accounts – contain more personal data than you may think. It’s worth a small amount of effort to help keep them secure.

  • Make sure your passwords are long and strong. Length is more important than complexity, long passphrases are better than short and complicated passwords. Even better, use a password manager to generate a strong password and store them securely.
  • Use a unique password for each account; and change a password if you even think it’s been compromised.
  • Use long and complex answers to forgot password questions and memorize them or store them in a password manager.
  • Never share your username or password. Anyone who needs access to the system should have their own account details.

Lock your devices

  • Always keep your mobile device and workstation locked. Even better, have an automatic lock go into effect after a couple of minutes of inactivity. You never know who is around the corner, waiting to steal, destroy or upload malware.

Surf and click cautiously

Both at home and in the office, you need to be wary of emails, websites and associated links that may contain malicious content that can compromise your system.

  • Only open emails or attachments from people you know. Hackers will also use know contacts for phishing, so when in doubt call the person to confirm the email is from them.
  • When in doubt, throw it out, even if you know the source. If it’s something you think may be legitimate, then go to the website directly rather than clicking on the link. Also keep in mind that if you receive an email from a familiar source asking for personal details, especially details they should already have, it may be a phishing ploy.

Bottom line, stay aware to stay cyber-safe

As security professionals, we all share a joint responsibility to protect devices, systems and networks, and help others do the same.

We recommend sharing these tips with your employees and colleagues, your customers – and your friends and family too.

Next week we’ll continue our National Cyber Security Awareness Month initiative, with a post focusing on cybersecurity in the workplace.

In the meantime, make sure to visit the Cyber Protection Program for security products website for product advisories and resources on matters related to your cybersecurity.

Take Your Solution to the Next Level! Become Our Next Technology Partner.

Do you have an innovative product or solution? Are you looking for new customer channels and opportunities?

The Connected Partner Program gives third-party technology manufacturers and developers the opportunity to integrate into our industry leading security solutions. Membership to the Connected Partner Program provides all the tools required for a successful integration, including the latest SDKs, APIs and engineering support as well as marketing opportunities to maximize market exposure.

Interested in becoming our next Technology Partner? Come meet us at ASIS booth no. 4119 on September 26 – 28, 2017 in Dallas, TX.

For more information or to book a meeting, please email us at tspconnect@tycoint.com.

Security Practices

Video Management Systems play an integral role in tracking down perpetrators of all types as well as preventing criminal incidents in general. You need to protect the integrity of your camera’s and the information it collects by making sure your security practices minimize unauthorized access .  Here are some practices that you can follow to help manage the overall security of your cameras:

  1. Create an inventory of all the cameras on your network, including the information for the primary and secondary contact person who manages the cameras, the camera manufacturer, model, location, IP address, current firmware version.
  2. Ensure that there is no physical access to the cameras, the supporting network equipment, the server and video storage for your system (i.e. cables, switches, etc.). These should all be in located in access-controlled areas.
  3. Ensure that there are no default passwords used by any of the cameras and operating system if they are accessible to the administrator or user accounts. If there is a need to update a password, use a complex and lengthy password for each individual camera.
  4. Set the idle session timeout for your camera’s interface to ensure that the web session is terminated even for those users who don’t log off of the camera.
  5. Place your camera system on a separate network from your operational network. This helps to reduce the impact of camera traffic on your operational network, and makes it harder for an attacker on one network to gain access to the other.

Periodically reviewing and updating your practices and settings will provide you an opportunity to make you camera still meets your security needs.  To learn more about the Cyber Protection Program visit our website at tycosecurityproducts.com/CyberProtection.aspx. For any questions you may have on the Cyber Protection Program, email jeffbarkley@tycoint.com

ILLUSTRA FLEX NEXT GEN 3MP CAMERAS OFFER HIGH-QUALITY VIDEO AND ENHANCED BANDWIDTH MANAGEMENT

Illustra Flex next generation 3MP cameras advance the current portfolio with superior image clarity, edge-based failover redundancy, and Illustra® IntelliZip video compression capabilities for unprecedented bandwidth management.  The new cameras take the Flex line to a higher level of video quality while maintaining the lower price point customers have come to appreciate.

 3mp-collage

Highlights:

  • IntelliZip provides optimized bandwidth management
  • Edge-based, seamless failover redundancy with TrickleStor
  • P-Iris for image clarity in changing light conditions
  • Part of Tyco Security Products Cyber Protection Program
  • True WDR 120dB for superior image clarity in challenging light conditions
  • True Day/Night functionality for quality video recording in low light conditions
  • Motorized lens for ease of focus and zoom operator control
  • Excellent options for indoor or outdoor surveillance
  • Easy to install and set up
  • A Product Portfolio with cameras for any application

Illustra Flex Features:

IntelliZip provides superior bandwidth management

All of the Flex 3MP cameras feature IntelliZip compression technology which provides powerful bandwidth management beyond H.264 and H.265 to reduce network bandwidth and video storage requirements. This embedded technology continuously monitors and optimizes system streaming parameters to match the level of activity within the camera’s field of view. When the camera detects motion, IntelliZip automatically adjusts the video quality to ensure every detail within the region of interest is captured clearly. When the scene becomes static, IntelliZip continues to optimize bitrate.

TrickleStor technology provides edge-based failover redundancy

The new TrickleStor feature allows video recording to continue when an outage occurs. If communication between the NVR and cameras is interrupted, the camera automatically detects the anomaly and begins recording to its internal micro SDXC card, storing up to 128GB of video. Once the connection is restored, the recorded video is then seamlessly transferred back to the NVR’s hard drive.

Included in Cyber Protection Program

The next generation 3MP cameras adhere to the rigorous standards set forth by Tyco Security Products Cyber Protection Program (CPP). The CPP mandates an extensive and systematic approach to developing, configuring, and supporting physical security products and systems that help manage the risks associated with cyber-attacks and meet IT security demands. The new Flex 3MP cameras meet these requirements and employ multiple user access levels, IP address filtering, user access logs, and IEEE 802.1x for additional security.

True WDR 120dB for superior image clarity in challenging light conditions

Illustra Flex 3MP cameras deliver superior HD 1080p video at 60 frames per second using H.264, H.265, MJPEG, or IntelliZip compression technologies and feature a P-Iris lens for optimal image clarity. The box, bullet and outdoor mini-dome include an integrated IR illuminator that provides high-quality video up to 25 meters in even the worst lighting conditions.

True Day/Night functionality for quality video recording in low light conditions

Using the very latest True Day/Night technology, the cameras maintain image detail in scenes of varying light conditions (e.g., doorways and windows) with, and automatically switch between color, and black and white mode depending on the ambient illumination level allowing the camera to maintain crystal clear images day or night.

Motorized lens for ease of focus and zoom operator control

The cameras feature a motorized lens which makes it very easy to focus and zoom, eliminating timely and error-prone manual adjustments.

Excellent options for indoor or outdoor surveillance

All of the new Flex cameras feature motion detection that instantly alerts operators of any intruder activity, and blur detection to ensure the cameras are in focus at all times. Additionally, the new mini-domes are IK10 rated ensuring they can withstand external impacts that might occur if an intruder was attempting to take the camera out of operation. The outdoor mini-domes and bullet cameras are IP67-rated which ensures protection against dust and water, making them ideal for outdoor applications.

Easy to install and set up

The Illustra Flex 3MP cameras use a built-in web server for easy configuration. When used with the Illustra Connect software tool, discovery, snapshot, configuration, IP address assignments, diagnostics, and firmware upgrades take no time at all. The camera use Power over Ethernet (IEEE 802.af) which eliminates the need for cables and reduces installation time and cost. Other time-saving features include:

  • Motorized focus and zoom
  • Easy-to-remove recessed mount
  • 375°pan and 3 axis gimbal (mini-domes)

A Product Portfolio with cameras for any application

Because of its compact design and affordable price, the Flex 3MP Box Camera is best suited for small to medium size offices, retail boutiques, schools, and bank branches looking for a cost-effective camera.

Featuring a tough exterior, the Flex 3MP Bullet Camera is ideal for exterior applications of small to medium size offices, retail boutiques, schools, and small bank branches looking for a rugged camera that can withstand harsh environments

The Flex 3MP Mini-Domes feature a recessed mounting option, allowing them to be covertly installed in a variety of both interior and exterior locations such as the cash register terminal at a retail store or above a drive-thru ATM.

Learn more about the Illustra IP camera portfolio

Camera Auditing and Back-Up

Video Management Systems play an integral role in tracking down perpetrators of all types as well as preventing criminal incidents in general. Given the broad base of applications for video management systems, there are many instances of large quantities of useless footage due to poor quality recording.  Regular audits and evaluations are to ensure that the best possible procedures are being followed can cut down on time wasted by sifting through unusable footage.

Consider the following best practices around logging, auditing and back-up processes to guarantee the most secure results:

  • Security Event Log – Supports reliable, fine-grained, and configurable logging of a variety of security relevant system events. This includes logins, configuration changes, and file and networks access.
  • Log Security – A log should be protected from unintentional and malicious. Limited access and proper authentication are required for good security.
  • Date and Time – Accurate date and times are extremely important for auditing and backup as this information will enable auditors and investigators to know exactly when specific events have occurred. During device set up, it is required that the date and time is either automatically set to the workstation or that the device uses Network Time Protocol (NTP) to synchronize the camera to the Coordinated Universal Time (UTC).
  • Logs by Default – Logs should not be optional, but created by default as a part of the device setup since they are the essence of detecting and uncovering malicious activity.
  • Backup/Restore – Maintaining your security position is very important as it is critical to quickly restoring the system to operation after an incident. There needs to be a method to back up a working camera and then to restore the data on the current or replacement camera.

Reviewing your camera’s logging and backup setting will provide you an opportunity to make sure it meets your site’s needs.  You should also verify that you can successfully restore a camera to ensure that your backups are not corrupt.  To learn more about the Cyber Protection Program visit our website at tycosecurityproducts.com/CyberProtection.aspx. For any questions you may have on the Cyber Protection Program, email jeffbarkley@tycoint.com.

Do Better Business with the Complete Security Solution

Claim your share of the lucrative ‘integrated solution’ business with the Complete Security Solution — an all-in-one, pre-integrated solution for best-of-breed video surveillance, intrusion detection, and access control.

CSSChartGraph

The Complete Security Solution is perfect for increasing revenues, expanding into additional areas of security, reducing installation costs, and up-selling current installations. Additional benefits include:

  • Comprehensively securing premises, property and people at any size commercial, educational, or public site
  • Fast, simplified installations
  • Highly scalable
  • Single user interface & intuitive use – extremely appealing to end users!
  • Remote management & control, with a suite of mobile apps
  • Lower overall cost to dealers and end users

To find out how to successfully compete on more jobs and become more profitable with the Complete Security Solution.

Tyco Security Products Integrations: Incident Management

Physical security teams in healthcare, higher-education or commercial enterprise settings deal with incidents on a daily basis. While most incidents are considered small and routine – like a fender bender in the parking lot, at times they can be much more significant, like an attempted robbery or assault. For all these cases, the physical security team will record the details in an incident management system so that the data can be archived for legal reasons, for example to protect the hospital in the event of a lawsuit or criminal prosecution, or to provide insight so as to prevent similar incidents from happening again.

Incident management software has traditionally been used for exactly that purpose: recording details of an incident once the incident has occurred (post incident). However, as the demand and systems have grown, software capabilities have evolved to now manage the entire incident as it happens, from the notification of an incident, to the response (or dispatch) through to the final reporting. These additional capabilities are mainly facilitated through a number of integrations that are now available with incident management systems.

The same can be said about access control or video management systems. While they are still often used for their traditional capabilities, such as granting access to employees through secured doors or recording video for playback in case of an investigation, integrations have brought additional capabilities to these systems as well.

C•CURE 9000 access control systems from Software House and victor video management systems from American Dynamics, both part of Tyco Security Products’ offerings, are global leaders in the access control and video surveillance markets and are deployed in many of the leading enterprises across the globe, including some of the largest healthcare and educational facilities worldwide. These platforms have now grown to include integrations with several types of both security and non-security related systems, such as: Elevator dispatch systems, Emergency communication systems, Time and attendance or payroll systems and even Incident Management systems, to name a few.

The benefits of integrating your incident management system with C•CURE 9000 and victor VMS are clear as they can provide essential data to help in the notification, dispatch and reporting of incidents.

Consider the following examples:

  • An ex-employee is attempting to re-enter the hospital pharmacy using his unreturned access card. C•CURE 9000 will notify the security team immediately through its event monitoring screen and send the event data to the incident management system for dispatch of security staff. The security team can confirm the identity of the suspect through the victor video system and track his movements as well. Once the suspect is apprehended, an incident report is created that includes all the essential data:

a. The exact time the incident began.

b. Actions taken by the security staff.

c. How quickly the dispatch staff reached the scene.

d. Video images of the scene as it unfolded.

  • An important piece of equipment has disappeared from a storage room. Investigation using the incident management system reveals the last employee that entered the storage room using access control data and recorded video data also reveals images of the perpetrator carrying the equipment down a hall towards an exit and then into a parked car. The same access card is then used to exit the parking area. A comprehensive report is made available for authorities to use for possible prosecution, including:

a. Details of suspected employee identity.

b. Time of entry and exit for the employee.

c. Video images of the incident.

Of course, seamlessly and bi-directionally sharing information from disparate systems also greatly improves security staff efficiency. Where the security team used to have to search through many different systems to put together a comprehensive report for an incident, they can now pull the data they need from one single source.

D3 Security Management Systems Inc. as well as Resolver Inc. are leading incident management software developers and their products are used various types of applications. They are also approved members of the Connected Partner Program from Tyco Security Products, through their integration with Software House C•CURE 9000 and victor VMS.

“An event or alarm reported through the integrated access control and/or video system is often what starts the incident management process. Our customers extract a ton of ROI simply by not having to re-enter the information manually each time there is a dispatch response.  At the other end of the spectrum, the more advanced customers will even push out a dispatch automatically, to the closest available officer, based on his or her GPS position, in seconds and with zero human intervention” says Gary O’Connor, Director of Strategic Alliances at D3 Security.

“Integration with the onsite access control and video system has become a key part of an effective incident management system. Having data from both those systems helps our software optimize the dispatch of security guards as well as provide accuracy in the automation process of the overall security system”, says Brian McIlravey, EVP Corporate Security & Command Center Applications at Resolver.

C•CURE 9000 from Software House and victor video management systems from American Dynamics also present the additional benefit of having the capability to send data from their integrated sub- systems through to the incident management platform. For example, a PowerSeries Neo alarm panel from DSC, integrated to the C•CURE 9000 system will provide even more data that can be used in monitoring and investigation by security staff.

For more information about the C•CURE 9000 from Software House and victor video management software from American Dynamics as well the approved list of integrated partner products, please contact us at tspconnect@tycoint.com or visit the Compatibility Matrix.

Camera Protocols

Communication protocols are important so you want to review what you are using with your cameras and ensure that they adhere to your network’s security requirements.   Some common protocols available on cameras include the following:

  • Web Access – HTTP and HTTPs which provide access to the camera’s web interface. If possible, disable HTTP and use HTTPS which encrypts the communication using the Transport Layer Security (TLS) protocol.  You will need to load a digital certificate onto the camera if it doesn’t come preloaded with one.
  • Remote Access – Telnet and SSH which provide remote access to the camera’s operating system. If you don’t need remote access to the camera and have the option to disable these protocols, do so, so that they are not available for hackers to exploit.  If you need remote access to the camera’s operating system, use SSH if it’s available, as it encrypts the communication.
  • File Transfer – FTP and SFTP which provide file transfer to and from the camera’s operating system. Like remote access, if you don’t need to transfer files to the camera’s operating system and have the option to, disable these protocols so that they are not available for hackers to exploit.  If you need to transfer files to the camera’s operating system, use SFTP if it’s available, as it encrypts the transfer.
  • Network Management – SNMP which is used by some people to manage and monitor network devices. Depending on the functionality supported by the camera, you can use SNMP to write commands to the device – for example re-configure the IP address, or read device status information to generate alerts.  You should be using SNMP v3 because it has security features that overcome the weaknesses in v1 and v2c.
  • Post-based Authentication – IEEE 802.1X which is used to provide port-based authentication and authorization for devices to connect to the network. It will prevent malicious devices from connecting to your network, which helps improve security if your cameras or their connections are physically accessible. To use 802.1X you will need to set-up an authentication server and an authentication method such as Protected Extensible Authentication Protocol (PEAP).

Reviewing your camera’s protocols will provide you an opportunity to make sure it meets your site’s security needs.  This is not something you should do once and then set it and forget it.  You should conduct this review periodically to make sure that it still meets your needs and make any changes that are necessary. To learn more about the Cyber Protection Program visit our website at tycosecurityproducts.com/CyberProtection.aspx. For any questions you may have on the Cyber Protection Program, email jeffbarkley@tycoint.com.