By Hans Kahler, VP of Operations
When infamous American bank robber Willie Sutton was asked why he robbed banks, he supposedly replied, “Because that’s where the money is.” Fast forward about seven decades to today, and you might say the same for cyber criminals … they commit cyberattacks because that’s where the money is. But that wasn’t always the case. When we first started unmasking cybercriminals, their primary motivations were exacting revenge for some real or perceived slight, or bragging rights, or simply trying to prove they’re smarter than everybody else. Then, commerce moved online. Once the internet was monetized, so were the crimes – to the tune of an estimated $600 billion worldwide, annually.
Just as crime doesn’t discriminate, neither does cybercrime. Everyone’s susceptible – whether you’re a small mom-and-pop shop, or a global brand like Target or Equifax. And, while most businesses have proven cybersecurity in place to protect their computers, many overlook the multitude of other devices connected to the internet, such as HVAC, access control, and video surveillance systems. So, how do business owners protect these other IoT devices, like video cameras, from being hijacked by malicious, unauthorized infiltrators? The short answer is, “Look out for yourself.” The longer answer involves these four best practices …
- Minimize the attack surface – A burglar’s chances of breaking into a brick-and-mortar building are exponentially higher if the facility has 10 entry points, versus just one. The same goes for your video surveillance system. A system that has 15 cameras has 15 potential entry points through which a cybercriminal could attack. Modern video surveillance system architecture connects cameras via a single device, resulting in only a single point to guard. A video management system (VMS) that can manage the internet connection and camera connections independently, and act as a traffic cop between the two, gives you a more manageable, more efficient system.
- Minimize what you allow into your network – The most secure configuration allows for no inbound connections. It’s simpler to configure and easier to update. Think of it like Apple TV or Roku – you can receive content in and send commands out, but you don’t have any complex network configurations, because the device is connecting to the cloud. You have one outbound network connection. For protection, your video surveillance system should have a similarly simple configuration.
- Keep things up to date – Keep your operating system, applications, and firmware all current. Every computer system has vulnerabilities, from your mobile phone to your computer. However, keeping it up to date will ensure this less-than-flawless system is as protected as possible. Left to our own devices, the chances we’ll stay on top of updates and actually install them ourselves is slim-to-none – the process is often time consuming and laborious. Look for a VMS that provides centralized management system updates, applied automatically without disrupting your business and security operations. It’s simply more convenient and secure.
- Monitor EVERYTHING – A rancher doesn’t just put up a fence around his property and walk away. He drives the fence line every day looking for potential compromises. Operators of a VMS should do the equivalent. Check your cameras regularly to make sure they haven’t been tampered with, vandalized, or moved, and that they’re actually online and working. This type of system audit will enable you to take immediate action if something is amiss.