Data protection: Secure your information before it becomes too late.
Security can be a very obscure word. The context of the word is crucial in understanding if you are actually secure. If locked doors made items secure we would have no need for Security Cameras. If our network devices were immune to remote access vandalism we would not have firewalls on our networks. The phrase “security through obscurity” is very dangerous, and it is all too well known in the IT world.
Obscurity is one instance of where IT needs to be detailed in the management of CCTV systems. The tools available for the bad people to use are not toys. They can pick apart networks quickly like ants on a piece of carrion. Every crack and crevice will be known and fast.
Your security camera system can become the point of an attack from hackers. I have seen this manifest itself in different ways now. These attacks are an extension of old personal computer attacks just on DVRs and NVRs. These attacks are completely preventable, but you have to be proactive. Network appliances have to be configured properly as well as the DVRs.
First and foremost our Elite series equipment prompts the first user to change the login passwords. Changing default passwords is extremely important for one main reason. Anyone that knows how to google “what’s my default password” is going to figure out your device’s default passwords in less than 60 seconds. Another recommendation is to make yourself a new administrator account to operate the DVR/NVR. Then only use the default admin account to recover passwords of other accounts.
The next way to make your system more secure is to change off default port numbers. All CCTV DVRs and NVRs are network capable. The network capable is what allows for the remote access. The same applies here as well and it does not take long to find out what the default port numbers are. Port numbers dictate what kind of protocol is being used. A protocol can be listened to or sniffed as it is a communication. Since not all communication is encrypted when it is sniffed, the hacker can find out the login credentials as they are transmitted in raw text that can be made readable again. Using encrypted protocols will stop the login information and all packet data mostly unreadable. Without cracking the key to deciphering the data packet the hacker would never know what it contains. Most DVRs and NVRs now support HTTPS. The standard port it operates on is 443, but you can always change it. This protocol operates at the highest level of the OSI model. For most people this can be acceptable such as retail business for other industries this may not be the best practice as you can only use web browsers for access to use the encryption.
For an industry that has to be HIPPA compliant in security, it is dictated you use other than default configurations. Protecting medical records is a very important. This means any device on an IP address that is default must be changed for every device. Port numbers for protocols must also be changed. That directly affects how remote access works. Usernames and passwords also must be changed. In short anything that has anything to do with patients must be completely changed out of default configurations. In security cameras, the configuration needs to be changed and the data protected from people that should not have access to it.