Tag Archives: Cyber Protection Program

Camera Auditing and Back-Up

Video Management Systems play an integral role in tracking down perpetrators of all types as well as preventing criminal incidents in general. Given the broad base of applications for video management systems, there are many instances of large quantities of useless footage due to poor quality recording.  Regular audits and evaluations are to ensure that the best possible procedures are being followed can cut down on time wasted by sifting through unusable footage.

Consider the following best practices around logging, auditing and back-up processes to guarantee the most secure results:

  • Security Event Log – Supports reliable, fine-grained, and configurable logging of a variety of security relevant system events. This includes logins, configuration changes, and file and networks access.
  • Log Security – A log should be protected from unintentional and malicious. Limited access and proper authentication are required for good security.
  • Date and Time – Accurate date and times are extremely important for auditing and backup as this information will enable auditors and investigators to know exactly when specific events have occurred. During device set up, it is required that the date and time is either automatically set to the workstation or that the device uses Network Time Protocol (NTP) to synchronize the camera to the Coordinated Universal Time (UTC).
  • Logs by Default – Logs should not be optional, but created by default as a part of the device setup since they are the essence of detecting and uncovering malicious activity.
  • Backup/Restore – Maintaining your security position is very important as it is critical to quickly restoring the system to operation after an incident. There needs to be a method to back up a working camera and then to restore the data on the current or replacement camera.

Reviewing your camera’s logging and backup setting will provide you an opportunity to make sure it meets your site’s needs.  You should also verify that you can successfully restore a camera to ensure that your backups are not corrupt.  To learn more about the Cyber Protection Program visit our website at tycosecurityproducts.com/CyberProtection.aspx. For any questions you may have on the Cyber Protection Program, email jeffbarkley@tycoint.com.

Camera Protocols

Communication protocols are important so you want to review what you are using with your cameras and ensure that they adhere to your network’s security requirements.   Some common protocols available on cameras include the following:

  • Web Access – HTTP and HTTPs which provide access to the camera’s web interface. If possible, disable HTTP and use HTTPS which encrypts the communication using the Transport Layer Security (TLS) protocol.  You will need to load a digital certificate onto the camera if it doesn’t come preloaded with one.
  • Remote Access – Telnet and SSH which provide remote access to the camera’s operating system. If you don’t need remote access to the camera and have the option to disable these protocols, do so, so that they are not available for hackers to exploit.  If you need remote access to the camera’s operating system, use SSH if it’s available, as it encrypts the communication.
  • File Transfer – FTP and SFTP which provide file transfer to and from the camera’s operating system. Like remote access, if you don’t need to transfer files to the camera’s operating system and have the option to, disable these protocols so that they are not available for hackers to exploit.  If you need to transfer files to the camera’s operating system, use SFTP if it’s available, as it encrypts the transfer.
  • Network Management – SNMP which is used by some people to manage and monitor network devices. Depending on the functionality supported by the camera, you can use SNMP to write commands to the device – for example re-configure the IP address, or read device status information to generate alerts.  You should be using SNMP v3 because it has security features that overcome the weaknesses in v1 and v2c.
  • Post-based Authentication – IEEE 802.1X which is used to provide port-based authentication and authorization for devices to connect to the network. It will prevent malicious devices from connecting to your network, which helps improve security if your cameras or their connections are physically accessible. To use 802.1X you will need to set-up an authentication server and an authentication method such as Protected Extensible Authentication Protocol (PEAP).

Reviewing your camera’s protocols will provide you an opportunity to make sure it meets your site’s security needs.  This is not something you should do once and then set it and forget it.  You should conduct this review periodically to make sure that it still meets your needs and make any changes that are necessary. To learn more about the Cyber Protection Program visit our website at tycosecurityproducts.com/CyberProtection.aspx. For any questions you may have on the Cyber Protection Program, email jeffbarkley@tycoint.com.

Introducing the Cyber Protection Program from Tyco Security Products

Developed over five years, Tyco Security Products Cyber Protection Program is one of the first in the industry to offer a holistic approach to cybersecurity for physical security products. We’re committed to cybersecurity through a product’s entire lifecycle — from requirements through obsolescence.

TSP_CyberProtectionProgram

We’ve developed our cybersecurity expertise after many years of providing critical solutions for the United States government and large multinational customers, and we hold several industry firsts, including FISMA-ready access control and video solutions.

Six Part Approach to Cyber Protection
Our Cyber Protection Program’s six -part approach to cyber protection for physical security products looks far beyond components and devices and cyber security hardening. The scrutiny begins with the initial product concept and requirements, continues through analysis of system design and programming, and culminates with final testing, integration and evaluation.

  • Secure Product Development Practices – Secure coding and testing reduces the possibility of inadvertently introducing vulnerabilities during product development
  • Inclusive Protection of Components and Systems – Include range of capabilities to complement diverse security needs
  • Configuration Guidelines for Compliance – Provide comprehensive procedures on how to configure C•CURE 9000, VideoEdge and victor systems
  • Testing Procedures – Products undergo rigorous, continuous testing both internally and with an independent test house, to minimize the risk of security updates and new configurations in our cyber-compliant products
  • Rapid Response to Vulnerabilities – Quickly assesses the situation, distributes an advisory bulletin and follow up with fully qualified patches
  • Education and Advocacy – Maintain critical training and development certifications, speaks and advocates for cyber protection for security systems

Tyco’s Cyber Protection Team
Our autonomous cyber protection team, an independent branch of the development group, has deep process control knowledge and specialized expertise in cyber concerns with physical security systems.

Learn more about our Cyber Protection Program and how we are working to protect physical security products from attacks, damages, disruptions and misuse.