Resolving the security threat

September 2012 Cyber Security

The advent of wireless networking and the wireless transmission of data have brought the benefits of convenience, flexibility and significantly lower installation costs to the video surveillance industry. However, there is more to wireless technology than wireless CCTV cameras and cable-free IP (Internet Protocol) surveillance. There is the dark side of potential security breaches, usually perpetrated by laptop toting war drivers looking for unprotected or unencrypted networks to hack into.

A wireless surveillance network could present those intent on gaining unauthorised access to a corporate network with an ideal gateway, allowing them to hook up to the network and its often geographically dispersed servers and copy-sensitive data, steal identities or commit any number of fraudulent acts, including the placement of sniffer software and other malware.

Unfortunately, many organisations pay little attention to the security of the video surveillance network, probably in the mistaken belief that the modern wireless version – now connected to the corporate network – represents as little threat as the old, replaced, analogue system.

That said, high-quality megapixel resolution digital cameras and network-based IP cameras represent realistic options for new-generation security projects, which can include building management and access control, because of the considerable benefits their technology brings to the process. These include motion detection, behaviour recognition and thermal/infrared imaging for low-light conditions as well as the option to integrate other IP-based intrusion detection systems, complemented by a variety of active and passive alarms and customisable control methods.

However relevant and important these features, they must never be allowed to override the need for security protection.

Securing wireless

The first step towards ensuring the security of a wireless infrastructure is data encryption which encodes the information transmitted over the infrastructure. It is advisable to use the strongest form supported by the network. The Wireless Protected Access (WPA) protocol and more recent WPA2 have supplanted the older and less-secure Wireless Encryption Protocol (WEP).

One of the best ways to protect a wireless network and its links is through the use of a virtual private network (VPN). VPNs secure communications by creating impenetrable tunnels through which the encrypted data travels. Many companies provide VPN service to their mobile and offsite workers and similar services can be adopted for surveillance systems too.

An important step in the process is to establish control over the network to authorise, limit or block access to the infrastructure based on authentication, location and needs assessments. The network management solution selected to perform these tasks should have the ability to correlate and sort large volumes of threat data while providing complete visibility and control of the security environment. It should also deliver compliance enablement and, if possible, support an audit process while providing open interoperability with third party devices.

Threat management

Leading systems today offer an array of forensic tools together with native voice over IP support and the ability to upgrade or combine intrusion detection systems (IDS) and intrusion prevention systems (IPS) in the same application and within the same appliance.

Several methods can be used to detect threats, including signature-based and anomaly-based detection as well as stateful protocol analysis – the process of comparing predetermined profiles of generally accepted definitions of benign protocol activity for each protocol state against observed events to identify deviations.

With these defences in place, it is safe to integrate wireless networks into a broad-based business communications infrastructure. In fact, the trend towards converged, multi-service networks is very much part of today’s corporate landscape as organisations move to rationalise technology spending by permitting voice, video and data to run over a common communications infrastructure.

While networks continue to grow organically, some have evolved into convoluted technology nightmares. However, it is possible to plan a strategy that ensures service level targets set by an organisation’s user community are equally met by data, voice and video systems – including video surveillance systems – without undue complexity or cost.

Martin May
Martin May

For more information contact Enterasys Networks, +27 (0)11 531 9600, [email protected], www.enterasys.com





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Industrial control systems under attack
News Cyber Security
According to Kaspersky ICS CERT statistics, from January to September 2022, 38% of computers in the industrial control systems (ICS) environment in the META region were attacked using multiple means.

Read more...
OSINT: A new dimension in cybersecurity
Cyber Security
The ancient Chinese strategist Sun Tzu noted, you should always try to know what the enemy knows and know more than the enemy.

Read more...
Sasol ensures Zero Trust for SAP financials with bioLock
Technews Publishing Editor's Choice Cyber Security Security Services & Risk Management
Multi-factor authentication, including biometrics, for SAP Financials from realtime North America prevents financial compliance avoidance for Sasol.

Read more...
Building a holistic application security process
Altron Arrow Cyber Security
Altron Arrow asks what it means to build a holistic AppSec process. Learn what’s involved in a holistic approach and how to get started.

Read more...
Managing data privacy concerns when moving to the cloud
Cyber Security
While the cloud offers many business benefits, it can also raise concerns around compliance, and some organisations have taken the approach of staying out of the cloud for this reason.

Read more...
Accelerating your Zero Trust journey in manufacturing
IT infrastructure Cyber Security Industrial (Industry)
Francois van Hirtum, CTO of Obscure Technologies, advises manufacturers on a strategic approach to safeguarding their businesses against cyber breaches.

Read more...
The democratisation of threats
Cyber Security
Bugcrowd looks at some of the primary vulnerabilities the world faced in 2021, and the risks moving forward with growing attack surfaces and lucrative returns on crime.

Read more...
Protecting yourself from DDoS attacks
Cyber Security Security Services & Risk Management
A DDoS attack, when an attacker floods a server or network with Internet traffic to prevent users from accessing connected online services, can be costly in both earnings and reputation.

Read more...
Exploiting Android accessibility services
Cyber Security
Pradeo Security recently neutralised an application using Android accessibility services that exploits the permission to perform fraudulent banking transactions.

Read more...
Cyber resilience is more than cybersecurity
Technews Publishing Editor's Choice Cyber Security Integrated Solutions IT infrastructure
Hi-Tech Security Solutions held a round-table discussion focusing on cyber resilience and found that while the resilience discipline includes cybersecurity, it also goes much further.

Read more...