Security Alert: Video Camera Breach
Important security update on controlling your environment.
In light of the recent Verkada security camera breach, we wanted to share CSG’s take on the best practices to follow when securing your video surveillance environment.
Due to the nature of surveillance cameras and the numerous vulnerabilities they can present, CSG’s recommended best practice is NEVER to allow a camera to communicate directly over the internet. We advise that cameras always be placed on a dedicated network with no access other than the video recorder itself. Having control of your environment (network, cameras, and video recorders) and the multiple layers of security in place will ensure that you are protected and allow your devices to be kept up to date. Although cloud-connected surveillance cameras may add convenience, they come at the cost of exposure to a higher degree of risk, as the control over them is limited due to their proprietary nature.
Having trust in your vendor, which may have access to confidential data, is invaluable. The Verkada breach was a “non-technical” hack, meaning the policies and procedures to protect critically sensitive data were either not followed or simply not in place. No matter how solid a product can be, the platform is only as strong as its weakest link. CSG recommends always having your vendor provide proven and audited documentation (for example, a SOC 2 Type 2 audit) indicating that these important security policies and procedures are in place and that they are being strictly adhered to. CSG’s video surveillance solutions follow the above standards. Learn More about our Video Surveillance and our PikoVMS.