Exposed to cyber-attacks, small businesses need powerful cyber-security, say BCDVideo.
Becoming increasingly more common, cyber-attacks have received plenty of media attention. Remarkably, small businesses have not responded with cyber-attack response plans and even neglect to use cyber-security best practices. This level of vulnerability can lead to preventable cyber-attacks wreaking havoc on small business’ bottom lines. Cyber-attacks can exploit any weakness in your network including video surveillance devices. Beyond simply separating your business network and your IP video devices, small businesses need a cyber-security plan that follows industry best practices and actively protects sensitive information.
Entry link
According to US firm Nationwide’s second annual Small Business Indicator, 78pc of small businesses do not have a cyber-attack response plan, even though more than half (54pc) fell victim to at least one type of attack. Most common types of attacks were:
– Computer Virus (37pc)
– Phishing (20pc)
– Trojan Horse (15pc)
– Hacking (11pc)
– Unauthorised access to customer info (7pc); and company info (7pc).
About 60pc of those who did experience a cyber-attack said it took longer than a month to recover. By contrast, those that did not encounter a cyber-attack think their company could recover within a month. Often overlooked, IP video surveillance can be targeted as an entryway into your business network. As more devices become linked to a network, properly securing your surveillance devices is the most effective way to prevent common cyber-attacks from stealing sensitive company information and hurting your bottom line.
Best practices
– As manufacturers find cyber-security issues, they create fixes and patches to address those issues and prevent cyber-attacks. Always update.
– Not changing usernames and passwords from the default settings is a major vulnerability. Always create user names and custom alphanumeric passwords. Ideally, not attached to an email address.
– Choose passwords difficult to guess. At least eight characters long, upper and lower case, numbers and symbols. Change every 90 days for mission critical operations.
– Use password lock-outs. After several unsuccessful log-in attempts, a system component should lock out the user and notify system administrator.
– Limit access only to necessary users. Each account should only be given the authority to access the resources required to fulfill his or her specific responsibilities. Every transaction that occurs in an application should be logged so that there is a record for forensics later.
– Keeping IP video surveillance systems safe involves authentication, authorization, and accounting. All appliances should implement these functions.
– Track who accesses appliances. Any time anyone interfaces with an appliance, their login information should be captured, with the MAC address used. Username and password not only restricts access to a device but ensures accountability for operators whose involvement with the system is clearly documented.
– Authorisation ensures only operators who have the required credentials can perform specific tasks. For example, a security officer whose job is to watch video screens should not be authorised to delete or copy.
– Install a firewall appliance between IT assets and the internet. The basic need for a firewall applies just as much to IP video as to any other IT system. At the very least, a system should use NAT (network address translator) at the internet gateway. NAT involves virtualization of IP addresses which help to improve security and decrease the number of IP addresses an organization needs.
– The more mission-critical the video surveillance data, the better the firewall should be. Firewall appliances are a barrier to keep destructive elements out of a network or specific device.
Deployments
Traditionally, small-budget projects with a mandate to meet a price point forego reliability, security, and performance when it comes time to purchase a new video system. The short-term savings associated with choosing a white-box server quickly deteriorate into high long-term costs. Making an investment in a purpose-built solution optimized for video is not only cost-effective, it ensures reliable performance for years. Regardless of the number of cameras, all video surveillance needs to be considered critical. Enterprise reliability, security, and performance are no longer exclusive to large installations. Winner of the 2016 Infrastructure Innovation Award, the BCDVideo Aurora Server Series offers small projects the first high-performance, purpose-built solution.
Unlike other small market servers, the Aurora Series has a total system throughput of over 400Mbps, bandwidth to scale up to 200 cameras, and proactive SMARTdeflect cybersecurity. The HGST helium hard drives deliver an unprecedented reliability rating of 2.5M MTBF. That level of reliability paired with Helium’s atomically light characteristic increases drive speed and storage density while reducing friction by 30pc. This achieves 23pc reduction in power usage while running 4-5 degrees cooler than traditional drives.
SMARTdeflect
To protect video surveillance systems from attack, BCDVideo developed SMARTdeflect. A two-factor authentication application designed specifically for BCDVideo servers. The two-factor login process includes a self-generating PIN randomly re-assigned every 30 seconds. System administrators can also monitor all logins with optional email notifications for every successful or unsuccessful login attempt. Because SMARTdeflect can be accessed on any smartphone, administrators can temporarily disable all outside access to a server under attack. Also, the easy set-up and customizable system settings give administrators control over their servers. With cybercrime on the rise, providing security with SMARTdeflect to all Aurora servers offers small businesses a server with proactive defense against cyber-attacks.
