Research Hub > How to Secure Your Video Surveillance Systems

September 25, 2020

Article
3 min

How to Secure Your Video Surveillance Systems

Here are six steps that can help your organization protect these important assets.

video-serveillance
Video surveillance systems play an essential role in protecting the physical security of organizations across a wide variety of industries. Until recently, these systems ran on closed-circuit television technology and were the domain of physical security and facilities teams.

Learn how CDW can help you deploy enhanced video surveillance technology.

Modern systems, however, take a different approach and leverage digital networks to facilitate easy deployment of cameras and rapid analysis of camera data. The digitalization of this technology often shifts responsibility for camera systems away from facilities teams and moves it under the umbrella of the IT department.

I often work with CIOs and other IT leaders who find themselves responsible for the reliability and security of these systems. I’ve seen camera systems deployed in dozens of organizations and have learned some common lessons that can help any organization improve the security of its video surveillance deployment. Let’s look at six things organizations can do right now to protect the cybersecurity of these important assets.

Treat Video Surveillance Components Like Other Networked Devices

Now that cameras and other surveillance technology elements are connected to the network, they are subject to the same security threats as other network-connected devices. Make sure you take the time to keep these systems updated and protected against modern security risks.

Change Default Usernames and Passwords

While this may seem like common-sense advice, I’d estimate that more than 75 percent of the sites I visit still use default passwords for their security cameras. I recently visited the headquarters of a major financial institution and shocked the security team when I quickly gained administrative access to their system using a default password. These defaults are well known in the hacking community, and they’re available online to anyone who performs a quick Google search.

Restrict Camera and System Access

Not everyone in your organization needs access to video surveillance data. Consult with business and technology leaders to narrow the list of authorized users to those with a legitimate business need. To avoid unwanted system tampering, you should also limit as many users as possible to view-only access. Only a small number of trusted operators should have the ability to modify configurations or access stored video.

Isolate Surveillance Technology

While networking video surveillance devices brings tremendous benefits in manageability, it also presents a greater risk of unauthorized access. For this reason, I advise organizations to place their video surveillance components on an isolated, nonrouted virtual LAN, where it is safe from prying eyes. Administrators who need to connect directly to devices must physically access that network or use a tightly restricted VPN to gain remote access.

Avoid Consumer-Grade Equipment

It’s easy to run down to the local consumer electronics store, purchase a camera and deploy it on your network. However, these cameras lack the security features of enterprise-grade surveillance systems. They have no place in your video surveillance infrastructure.

Perform Regular Health Checks

Video surveillance systems are complex ecosystems that require close monitoring and attention. Work with your internal IT team or a vendor partner to perform regular monitoring to ensure that cameras are functioning properly and are patched against new security threats.

Protecting video surveillance systems from unauthorized access ensures that sensitive video remains confidential and that nobody can surreptitiously tamper with surveillance records. Taking the time to follow these six tips will help protect your video surveillance infrastructure from attack. 

Lynn Harold

Lynn Harold

CDW Expert
Lynn has more than 34 years of professional IT experience, the last 16 of which have been dedicated to the design, installation and management of physical security systems. Her networking background, combined with numerous industry certifications and a refined consultative approach to creating solutions, identifies her as a true client advocate who continually earns the trust of her customers.