IFSEC Insider is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Jamie Barnfield brings with him nearly 20 years' sales experience in the security industry across IP-enabled video surveillance and security solutions as well as traditional CCTV systems. He has held sales management positions at The Solutions Group, March Networks, Silent Witness, and at Risco Group. Jamie joined IDIS in April 2013 and is responsible for value-add solution sales to support IDIS installers and integrators, as well as end-user sales from small businesses through to enterprise-sized organizations from a wide range of markets and environments.
Released in November, several topics of interest were highlighted in the 2020 Video Surveillance Report from IFSEC Global, including a growing appreciation of AI, an uptake in the use of cloud-based storage systems and continued cyber security concerns in cameras. Here, Jamie Barnfield, Senior Sales Director at IDIS Europe, offers his take on the findings.
Read the full Video Surveillance Report 2020 for yourself, here.
There are a number of takeaways from the 2020 Video Surveillance Report, but any systems integrator or manufacturer working with surveillance will have been pleased to see that, compared with 2019, users are now overwhelmingly realising the benefits for AI video analytics. And, in my experience the main barriers to adoption such as cost, privacy concerns and return on investment are incredibly easy to overcome. The latter may well be a thing of the past as organisations increasingly look for cost savings and productivity gains.
The most surprising finding concerned cyber security vulnerabilities, where almost half of respondents cited ‘back doors’ as a particular worry. For several years, the security media has highlighted this issue: when manufacturers develop ‘back doors’ for customer support and troubleshooting, they also create worrisome gaps in cyber protection that hackers can exploit.
Manufacturers with extensive R&D departments and patented technologies should be more than aware of the risks of hacking and insider threats including data breaches. So, it’s a major concern if design engineers continue to believe common ‘hash’ functions for factory resets are cleverly hidden. If a hash function is leaked by hackers or just tried by anyone internally to gain access to this sensitive information – disgruntled employees, for example – the result could be serious security breaches and damaging publicity for all parties involved.
“44% of security professionals are now using cloud-based tech in their surveillance systems”
For many technologies cloud is the future, this has become apparent to me and the IDIS Europe team considering the number of data centre upgrade projects we have recently completed and have planned.
Cloud architecture and cloud-based technologies, including cloud video, should mean leveraging existing networks and so there’s no need to implement separate VLANS. And outsourcing on-prem hardware and software takes away the headache of maintenance and updates. It also provides increased flexibility in that users can access footage and video analysis from anywhere using any device, while providing easier extensibility with third-party systems. And remote access is becoming an important requirement, especially with increasingly mobile workforces. Nearly all reputable surveillance vendors offer secure mobile apps, options for cloud storage, and varying levels of cloud VMS functionality.
Many traditional video vendors are futureproofing their solutions in terms of the ability to scale, offer off-the-shelf integration with other security and safety systems and devices, and allow seamless upgrades to that latest VMS and AI analytics. IDIS has been one such vendor promoting the benefits of backward and forward compatibility for years, extending the lifecycle of systems and effectively futureproofing them.
We’re definitely seeing more customers opting for a hybrid cloud model. Critical infrastructure organisations and corporate enterprises in particular are using private cloud storage, while others are opting for shared data centres and/or co-los rather than on-prem severs. In terms of remote access, many organisations need to operate partitioned solutions, especially those in sectors such as retail, healthcare, and education.
We can already provide multi-level access capabilities that security, loss prevention managers and other staff require to manage specific areas, sites, or groups of branches. They can do this on the free mobile app and the new IDIS Cloud Manager, yet most customers still want secure and robust NVRs, together with client software at individual sites, combined with a centralised monitoring environment that can also benefit from cloud technologies. With this approach they get the best of both worlds, without the cost of an end-to-end cloud system.
34% of respondents to the Video Surveillance Report said they were using end-to-end cloud solutions, which initially came as a surprise as we’re not seeing that on the ground the UK. However, it’s worth remembering most VSaaS vendors are operating outside of the typical security buying chain – they are targeting end users directly, which is possibly why, in security, we are not actively competing. In many cases VSaaS is being adopted using a handful of cameras to perform sophisticated analytics and integrate with sensory devices, rather being used for more wide area security surveillance monitoring and security operations.
High-profile cloud data breaches continue to make customers wary for security applications. There are still bandwidth issues when it comes to high-definition surveillance since the most significant benefit is using existing networks. Taking this approach, many organisations will face a difficult choice: the cost and disruption of upgrading their networks, or the need to accept the limitations of lower-quality video and latency, and possibly a limited camera choice.
Many cloud-only vendors are yet to build out their camera ranges to provide a workable choice for comprehensive and high-definition indoor and outdoor surveillance monitoring. A good illustration of the demand for high quality video is that as soon as IDIS launched its 12MP fisheye, customers upgraded from the 5MP version to provide managers with high definition evidential footage right to the periphery. Organised criminals, opportunists and staff tend to try their luck at the very edge of a scene, particularly in retail because they are aware of blind spots in coverage with traditional systems If customers want to use end-to-end cloud, they could face installing more cameras and incurring higher license fees than initially planned.
For now, end-to-end cloud costs are going to remain prohibitive for many businesses simply needing surveillance. And while touted as VSaaS, most systems still come with upfront equipment and installation costs, which is not the same as a true software-as-a-service offering. It’s also a disadvantage that end-to-end cloud providers are locking in customers for a minimum of five years, often with multiple license fees per camera. If you compare that with traditional on-prem or hybrid solutions with zero or low licensing fees, for many businesses the upfront and ongoing costs of cloud becomes more expensive the larger the system.
Protecting cameras against cyber threats
Cyber security remains top of the agenda as businesses became more vulnerable to phishing and ransomware as a result of hackers and organised criminals taking advantage of the pandemic. This has increased the involvement of IT and cyber professionals in security buying decisions. We’re finally seeing a more rapid convergence of the sort that was predicted – or hyped – during the proliferation of network surveillance.
This makes it more important than ever for manufacturers and their systems integrators to be well-versed in explaining the cyber security technologies and techniques used to protect video surveillance systems. This includes the hardening of devices; the use of multi-factor authentication to access footage, with the ability to set varying levels of authorised access for specific individuals and groups; and the ability to partition monitoring and access to footage site-by-site, by area of responsibility and in some cases to specific camera streams. Cyber professionals will also want the assurance that data is protected in transmission as well as at rest, with the ability to build in redundancy and be assured that even if cameras, network recorders, or servers are stolen video footage cannot be accessed.
IDIS surveillance was already inherently cybersecure, way before the risks were broadly highlighted in the industry. We use a range of propriety protocols which cybercriminals are less familiar with, and which are also much harder to hack. We also ensure what we call ‘manageable complexity’ no matter how large the deployment, because we have eliminated the need for expertise in IT networking, routing and port forwarding through our FEN Service. When engineers are implementing multi-site surveillance, they simply name each site and connect it to the control room or other centralised monitoring environment.
Our flagship offering, DirectIP, also acts as a mutual authentication system eliminating the need for manual passwords. The larger the system and more pressure engineers are under to implement within tight timeframes according to service delivery agreements that come with penalties – so they often risk writing passwords down in notepads or saving them in vulnerable spreadsheets.
We also use two-factor authentication and multi-layered encryption technology for data transmission that is optimised for surveillance operations, as well as firewalls on our NVRs. All IDIS storage devices come with iBank, an IDIS database system specifically designed for video recording. It maximises storage efficiency and enables fast data processing, and importantly means they cannot be read by external devices such as PCs, which also keeps video data safe from forgery and tampering.
Discover the latest developments in the rapidly-evolving video surveillance sector by downloading the 2023 Video Surveillance Report. Over 500 responses to our survey, which come from integrators to consultants and heads of security, inform our analysis of the latest trends including AI, the state of the video surveillance market, uptake of the cloud, and the wider economic and geopolitical events impacting the sector!
Download for FREE to discover top industry insight around the latest innovations in video surveillance systems.
AI, VSaaS and cyber security: Takeaways from the Video Surveillance Report 2020Jamie Barnfield, Senior Sales Director at IDIS Europe, offers his take on the findings of IFSEC Global's 2020 Video Surveillance Report.
Jamie Barnfield
IFSEC Insider | Security and Fire News and Resources
Related Topics
Navigating physical security: Top trends in 2024
Security benefits of installing mesh networks
The cloud tipping point has arrived; Observations from the state of physical security 2024
This makes it more important than ever for manufacturers and their systems integrators to be well-versed in explaining the cyber security technologies and techniques used to protect video surveillance systems. This includes the hardening of devices; the use of multi-factor authentication to access footage, with the ability to set varying levels of authorised access for specific individuals and groups; and the ability to partition monitoring and access to footage site-by-site, by area of responsibility and in some cases to specific camera streams. Cyber professionals will also want the assurance that data is protected in transmission as well as at rest, with the ability to build in redundancy and be assured that even if cameras, network recorders, or servers are stolen video footage cannot be accessed.