search.noResults

search.searching

dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
g physical security y with the


right tools C


yber criminals will relentlessly look to exploit vulnerabilities in all technology, including physical security systems.


How can organisations harden their physical security systems to protect them from cyber attacks?


labour-intensive. It is for this reason that modern centralised security applications can monitor the system’s health and provide the end-user with a complete view which helps them anticipate problems and develop solutions proactively.


This type of guide shouldn’t be full of technical jargon and codes that most end- users will not understand. It should be in clear English, provide rules that are easy to understand and ultimately provide an objective score of how secure the system is.


Effective system maintenance Unsecure devices – leaving the gate open


Beginning to harden your security infrastructure against this type of intrusion can be as easy as changing the default manufacturer password. According to our own research, 23 per cent of users have at least one camera that uses default credentials. However, with greater connectivity of systems over the internet, an unsecure device can become the gateway to accessing a large amount of data and information. Put simply, working to harden a physical security system is also working to protect all of the other systems and data on that network.


A strategy for hardening your security


Given these potential vulnerabilities, it makes sense to have a security strategy in place that protects against both physical and cyber threats. Not only this, but the solution must also provide users with insight into their devices, and show them how to improve their security. This kind of system is one which incorporates multiple and varied lines of defence, including encryption, multi-layer authentication, and authorisation. This comprehensive approach requires that every device captures data and moves it to a unified security system for management, analysis and storage with strong encryption that is accessible only to authenticated and authorised end-users.


Encryption and Authentication


This all starts with encryption – the most basic thing that users can do to protect their data. When data is encrypted, even if an unauthorised person gains access to it, it is not readable without the appropriate key. It is a straightforward enough process, but it requires that vendors build this capability into their security products. If a product does not enable encryption, it should be an immediate red flag. Encryption is a good way of hiding data, but it cannot stop unauthorised access to your network. For this, organisations employ different forms of authentication. Authentication is the process of first determining if an entity is who it claims to be and verifying if and how that entity should access a system.


Keep your infrastructure secure


Beyond encryption, one of the keys to maintaining overall system health is keeping your infrastructure secure. An improperly protected device or component can leave you vulnerable. In an ideal world, all endpoints will be thoroughly checked upon installation and kept up to date. However, with often hundreds of devices’ data across a site (such as cameras, access control points and other sensors), it can be incredibly difficult to manually manage each endpoint. Accessing the information required, hunting down the various criteria and then checking each element manually makes the process highly


© CI TY S ECUR I TY MAGAZ INE – SUMME R 2 0 1 9 www. c i t y s e c u r i t yma g a z i n e . c om


In addition to following best practices, ensuring that your system is up to date is also key for maintaining its security. According to our data, only 30 per cent of cameras use the latest firmware version. This means that 70 per cent of supposedly secure cameras are running out-of-date firmware that is potentially an attack vector. A sophisticated solution will not only show users the status of these endpoints, but have configuration and updates built in. As a result, system maintenance becomes more effective, and costs therefore reduced.


Every party is responsible for cybersecurity


The world of physical security has become connected to the internet at an astonishing pace. No longer do we live in a ‘closed’ world; even ‘airtight’ systems (those which are kept on an internal network with no connection to the outside) are hackable with a USB stick. Every party is responsible for cybersecurity – from the manufacturer and the integrator to consultants and the end-user. As end-users are most at threat from a vulnerable device, they should ensure that the vendors and suppliers they go into business with are just as serious about cyber security and provide them with the tools to protect against cybercriminal activity.


Paul Dodds UK & Ireland Country Manager, Genetec Inc.


www.genetec.com


>


5


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40