Page 40 - Security Today, May 2017
P. 40

No device should be allowed to connect to the network until the default user ID and password have been reset after commissioning. Organizations should have a strong password policy that defines password rules and frequently requires password changes. Use a se- cure password management system to keep track.
Virus scan any device or media before attaching it to the network.
All computers and media used to install or update network cameras, servers, NVRs or storage devices should be virus scanned with up-to- date protection/detection software for malignant code before being connected to or loaded into a shared network.
Apply special protection to cameras covering sensitive areas and limit access. Laws limit where video recording can occur, what can be recorded, what use can be made of it, and even who can view it. The security system designer needs to be an expert on these local require- ments and adhere to them.
A good policy is to never install a camera anywhere you would not want others to see the scene being covered. Sensitive areas or personal space may not be the best choice for a camera location, par- ticularly with the risk of a cyberattack.
Educate your team. Employees need to be aware and educated of the risks and challenges of cybersecurity prevention, detection, mitigation and recovery in advance of an incident. Accidental or un- intentional exposure is major risk factor in exposing a business or organization to cyberattack, and education is the best defense.
Integrate and follow IT and security department guidelines for de- vices and access. Integrate with established IT and security depart- ment guidelines. Follow industry guidelines, policies and regulations as best practices to address everything from remote access, cloud net- works, unsecured networks, Bring Your Own Device (BYOD) poli-
cies, network monitoring and data safekeeping.
Conduct regular cybersecurity reviews and assessments. Both the
IT and security departments should conduct regular cybersecurity reviews and assessments of their infrastructure, systems and policies throughout the year.
Preplan for cyberattack responses. Many organizations have risk as- sessment and response strategies, designed for a wide range of poten- tial disasters and catastrophic events. Cybersecurity needs to be includ- ed to deal with mitigation and recovery in the event of any incident.
Build and keep a disaster recovery up to date. Have a disaster re- covery plan in place before a catastrophic failure or data breach oc- curs. Be sure to keep the plan up to date. Consider making commer- cial cybersecurity insurance part of the program.
Establishing these types of security policy recommendations, tai- lored to fit the needs of the organization, will prevent many cyber- security risks and help to mitigate the impact of those that are not.
Employee education is also of critical importance. Organizations such as the Security Industry Association, ASIS International, the Cybersecurity Policy and Research Institute, the Electronic Privacy Information Center, and many colleges and universities are among many that offer actionable information on cybersecurity. They are excellent places to start learning more about how
to protect an organization.
By taking these actions, organizations can be well on their way to cybersecurity awareness and protection.
Jeff Whitney is the vice president of marketing at Arecont Vision.
I WANT YOU TO BUY AMERICAN!
Our Steel Gooseneck Pedestals are
Made in America from American Steel
Our Lexan Polycarbonate Housings are
Made in America from American Plastic Resin


www.thehousingcompany.com - sales@thehousingcompany.com - (770) 529-1040
24
Untitled-1 1 Untitled-3 1
5/15/15 1:13 PM 3/8/17 11:34 AM
Go to sp.hotims.com and enter 31 for product information.
0517 | SECURITY TODAY
NETWORK CAMERA SOLUTIONS




































































   38   39   40   41   42