Dean Drako is the founder and CEO of Eagle Eye Networks, the global leader in cloud video security. Eagle Eye Networks ranked #133 in Deloitte’s 2019 Technology Fast 500 list of the fastest-growing technology companies in North America. Before Eagle Eye Networks, Dean was a founder of Barracuda Networks, serving as president and CEO from inception in 2003 through 2012.
We have all seen articles written about baby cameras or security cameras being viewed by strangers, controlled by strangers or strangers talking to children via these cameras (think Santa Claus or the boogeyman speaking to your child). Hundreds of these articles have been written by the media over the last 10 years (see below for a few samples).
All of these examples of hacked cameras teach us two things:
- Devices connected directly to the internet are vulnerable to hacking.
- Devices that are connected to the internet indirectly (shielded by a security device such as a hub or firewall) are less vulnerable to attack. This is called a layered defense.
If you want to increase the level of cybersecurity in your IoT implementation:
- You need to purchase your devices from a company that prioritizes cybersecurity. This means a company that focuses first on security rather than expediency and cute products.
- You need to minimize the number of devices connected directly to the internet using a layered approach.
- You need to make sure the firmware is continuously updated by either you or by the manufacturer on all the devices.
Consider the following:
If you are installing six security cameras you do not want to connect all the cameras directly to the internet or “cloud.” Why? Your attack surface area is at least these six cameras. In the same manner, if you are installing hundreds of sensors you do not want them each individually connected directly to the internet.
The larger your attack surface area the more likely it is that an attack will be successful. If you have thousands of devices connected to the internet you have to protect thousands of devices.
A more secure architecture is to have the devices connect via a hub, which implements an additional layer of security. If you have one device, such as a hub, connected to the internet it provides an additional layer of defense for all the other devices — a much simpler problem. You have effectively reduced the size of your frontline in the cybersecurity war.
Your goal is to reduce the size of your “attack surface area” and thereby increase your overall security.
Make sure that your attack surface area is fully maintained and that the equipment makers are highly reputable with a focus on cybersecurity. It’s even better if your suppliers have a strong track record in delivering cyber secure devices.
To increase your cybersecurity:
- Reduce your attack surface area by reducing the number of devices directly connected to the internet (use hubs).
- Make sure your devices that connect to the internet or the cloud come from a highly reputable supplier with a track record in cybersecurity.
- Make sure your devices that connect to the internet are fully updated by either the manufacturer or you in a timely manner.
The more devices connected directly to the internet, the greater the problem of keeping them up to date and the more you are dependent on the manufacturer. For example, if you were to use cameras from several different manufacturers and connect them to a cloud service without using a hub, you would have to utilize each manufacturer’s firmware update tool to update them.
With lots of different devices from different manufacturers exposed to the internet, you have increased your attack surface area that needs to be cyber maintained. You will have to implement a complex upgrade process where you are watching for firmware upgrades, making sure they are quickly installed and that your vendors are responding to any security issues.
You may have to constantly monitor multiple websites for each manufacturer’s updates. You will have to use multiple different tools to install those updates plus you will need to be disciplined in your monitoring of these sites as well as new updates for hacks. This creates a big task, almost like having a part-time job.
In fact, the task will typically be so painful that it will not be done. The firmware on the devices will not be upgraded in a timely manner and therefore you will be highly susceptible to a cyber attack.
Each device connected to the internet has software on it. The software was written by engineers and has grown highly complex. Engineers use a lot of software that they do not fully understand in detail. They have to build using blocks and tools that others have written.
It’s nearly impossible to build perfect software given the complexity of it. This leads to security vulnerabilities on nearly every device ever made. It’s just a question of someone finding the vulnerability and exploiting it. Reducing the “attack surface area” greatly reduces your risk.
How do you reduce your attack surface area for security cameras? Use Eagle Eye Networks. Eagle Eye Networks combines all of your cameras from different manufacturers and isolates them behind a bridge but makes them fully cloud accessible. Eagle Eye Networks does this by maintaining the firmware and security on its bridges and CMVR’s (hubs) so there is less worry and work for you.
Another way Eagle Eye Networks is increasing cybersecurity is through its EEConnect platform. Our Eagle Eye CameraManager supported cameras benefit from EEConnect, mitigating cybersecurity risks. Read more about EEConnect here.
Most other systems that expose cameras to the cloud or internet do not include this layer of protection. Eagle Eye Networks has a strong reputation for cybersecurity and secure video camera systems maintained by a team of experts.