printer friendly version

Threats to control rooms

There are two primary aspects that need to be considered in securing the integrity of the control room and client site from possible attack. One aspect is the integrity of the controllers that are employed and the second is the integrity of the network against possible cyber and hacking attacks.

We have seen of late that the network integrity against cyber and hacking attacks is of primary importance, which has been highlighted globally. In all cases the security of networks and data is key and equally important to the integrity of control room staff in maintaining an acceptable level of security.

Contract Surveillance Services (CSS) is an independent control room offering the monitoring of CCTV, fire and alarm systems. It offers a direct-to-client service or as a third-party control room for other security companies that do not have their own control room. The company has a continuous programme of technology adaption enabling it to connect to sites anywhere in South Africa.

CSS has found, having its control room outside of the main business centres removes controllers physically from the probability of intimidation by syndicates. Operating in an out-of-the-way city reduces the possibility of external intimidation and collusion.

The more critical aspect to control room security is hacking or bringing down the network used by the control room to connect to remote sites. In fact, many clients do not even know what network security processes and technology are put in place by the service providers supplying their offsite monitoring service. Even if they were told what a service provider does, the client may not know if this was sufficient or not.

Many control rooms connect to sites through the public Internet and use home DNS protocols. A simple search and you will find ways on how to hack networks. Closed networks or VPNs offer higher levels of security for connecting remote sites with user and device MAC based authentications as well as 802.1x port-based network access control. Site specific user names and passwords are equally important used in conjunction with private network security features. Routers and switches designed for VPN applications also come with built-in firewalls and with a reasonable router or switch reasonable levels of security can be achieved.

In addition to network security, passwords and access levels to control room computer workstations needs to be strictly controlled so that operators have limited access to system files. This will also reduce the possibility of attack or collusion with intruders.

Cyberattacks will always be a potential security treat and the risk remains unknown and undetected until it happens.

Share this article:

Further reading: