Check Out Our Latest Webinars!
Click on the Webinars tab at
securitytoday.com
to view our latest archived webinars.
Emergency Response to an Active Shooter 1.5988 in Sponsored by Asset Defense Consulting, L.L. C., Hanwha Techwin America, NAPCO Security Systems, Safety Technology International, Inc., System Surveyor, Talkaphone
Best Practices in Temporary Access for Visitors and Short-Term Contractors at Government Facilities Sponsored by Quantum Secure, part of HID Global
Make No Mistake: PoE is a Business Saver
Sponsored by NVT Phybridge
Becoming an Organizational Strategic Partner: Transforming the End User Relationship to Meet Today’s Business Needs
Sponsored by Quantum Secure, part of HID Global
The Use of Drones
in Commercial Video Surveillance
Sponsored by FLIR Systems
Plus More!
Schedule your webinar today with Kevin O’Grady kogrady@1105media.com
Go to sp.hotims.com and enter 17 for product information.
proprietary products and unique interfaces to integrate with other devices. Safe/smart city deployments and Internet of Things sys- tems are helping to accelerate acceptance of interoperability over proprietary systems.
In fact, it’s estimated that as many as 50 billion IoT devices will be connected to a net- work over the next three years, all requiring some measure of interoperability. If you’re concerned about the security of information, that number can seem alarmingly high. The good news is that IoT security budgets are also expected to increase substantially over the next three years and there some changes that we, as an industry, can proactively make in the meantime.
Be Cyber Secure
Remember that a single device or product alone cannot be cybersecure if it’s connected to an unsecured network or to a network with other vulnerable devices. People, prod- ucts and processes — these three elements together can provide security, but if you don’t have sound cybersecurity practices in place for all three, you won’t have complete security.
Manufacturers of physical security prod- ucts can use encryption technology to help harden IoT devices. They can ship products with default settings that require end users to change the default password on install and that also require password changes periodi- cally. It’s also worth exploring whether some settings on devices should be locked down to protect our customers, for example making encryption part of the factory settings, in-
creasing the likelihood that encryption is left enabled on the device.
End users and system integrators also have some responsibility to bear. Approxi- mately 95 percent of the security breaches that occur today are due to some sort of simple password error or lack of organi- zational policies with respect to password management. It takes only a matter of sec- onds to very quickly choose a simple, easy to remember password. However, relying on the most convenient solution — often the default password — can most definitely in- crease the potential for compromised access to our most private information.
As is the case with many things, a balanc- ing act is required when it comes to informa- tion availability and securing access to that information. Each end user and system inte- grator has to find the right balance between availability of data and protection of that data, taking cost into consideration as well.
Strong user authentication, event moni- toring, activity logging, encryption of data and other controls that are built into our IT networks go a long way in increasing cyber security. Using standards like those offered by ONVIF may actually be the key to having the best of both worlds: the ability to share information with other
devices using standard- ized, encrypted commu- nications.
Jonathan Lewit is the chair of the ONVIF Com- munication Committee.
0218 | SECURITY TODAY
INTERNET OF THINGS
BeeBright/Shutterstock.com