5 Device Hardening Techniques for Robust Cybersecurity
Jason Burrows, West Coast Regional Sales Director, IDIS America
Ever since IP technology entered the surveillance business, security cameras have become an attractive target for hackers. Many customers are still not aware of the risks involved or are not willing to take extra care to protect themselves.
For some, this could either be because they feel no hacker would be interested in their cameras or because they feel they have nothing to lose even if hacked. As a result, these customers are missing the bigger picture, as there is an even more pressing concern now.
Experts point out that more and more hackers are attempting to use non-secure cameras to generate network traffic for Distributed Denial of Attacks (DDoS) that can knock off servers or networks. The moment you connect your camera to the internet, they become a potential threat to others as well.
Device hardening is a process that includes a series of steps to make a device cyber-secure. Here are five device hardening techniques that can help protect your surveillance system from hackers.
1. Update on time
Camera vendors offer regular firmware updates or as soon as they come across a potential vulnerability. You will need to have a process or system that allows for updates of your camera firmware as soon as they are available. Depending on the brand of camera you use, this may have to be done manually, or you can have a system that applies updates when they are available. However, users need to be aware that auto-updates mean cameras need internet-access, and while seeming convenient and efficient makes them more vulnerable to attack. Further, it’s important that other devices are not left vulnerable and so users need to take a holistic view of each device across their surveillance set up.
2. Get rid of default passwords
Simplest of simple steps, isn’t it? Wait until you are managing a medium to large-scale project with a hundred devices or more. Changing the default password on each device may not sound so easy then but is definitely critical to protecting your network. Using plug-and-play solutions, that do not need to be password-protected independently, is another feasible option. Just make sure the admin account with all the privileges is rock solid.
3. Don’t be unnecessarily discoverable
Cameras and network configuration today provide several options to make devices discoverable, or not. When you have finished configuring the device, disable the discoverability feature. This will keep the devices invisible to hackers, preventing any attempt to breach.
A similar step is to disable unused ports and features of any device connected to the network to limit a hacker’s options to exploit vulnerabilities.
4. Turn off the unused devices
The number of connected devices in the market continue to rise at a rapid pace. All of them connect to the same network that your cameras are connected to and provide more opportunities for hackers to enter the system. If all those connected devices are necessary for you, then follow the steps mentioned above to protect them. Or if some are not necessary, turn them off.
5. Filter that IP
Devices with edge-based technology need to be accessed only by the server or the admins. IP filtering, a feature that’s available on many edge devices these days, allows you to limit the access to the device. With the optimized use of user-privileges and IP filtering, you can ensure there is no unauthorized entry.
The best thing about these cybersecurity measures is that you need only basic technical skills to implement them. Combined with frequent inspection of audit trails in a device, these steps can keep track of any unwanted attempts to access it.
If you’re still not confident about the cybersecurity of your surveillance system, then feel free to reach out to your local IDIS sales and technical teams for advice. In addition, ask them how IDIS DirectIP® is proving invaluable to many customers globally in helping streamline cybersecurity and delivering not only peace of mind but significant operational efficiencies for them and their system integration partners.