Necessary evil or critical ingredient?

June 2016 News & Events

You can say it a million times and a billion people will agree with you, but we all do it anyway. Security is still not seen as a necessary component of business, not even IT, and is therefore still a necessary evil in the eyes of most people – or a grudge purchase as so many people keep saying. The result of this is a minimalist approach to security where cheaper is better and the budget makes your decisions for you.

And then security gets a bad reputation when things aren’t miraculously 100% secure.

An online site devoted to security recently wrote an article about a Chinese surveillance manufacturer, Hikvision, which had changed its terms and conditions to exclude any liability for its kit being hacked. This naturally caused a few people to comment and complain, but the reality is they are doing the same thing Microsoft, Cisco, Oracle and every other company does. Microsoft’s history of producing secure software speaks for itself, that’s why we need firewalls and anti-virus and other third-party applications on our computers.

Which surveillance manufacturers take responsibility for hacks? I’m guessing the number would be very close to zero, actually exactly zero. I would suggest that the cyber security problem the surveillance industry is now starting to face is not the fault of the manufacturers – they have partial fault through the production of poor software and through using untrusted components – but it is a shared responsibility.

Installers and integrators must also share in the blame. Understanding the risks of the information world is essential if you are going to be adding something to a network, whether it’s your home network or a large organisation’s. Moreover, catering for the risks in collaboration with your client’s IT people should be a given. Of course that doesn’t happen because we all have our things to do and security is that guy’s domain.

The end user also shares the blame. The customer should make the rules and ensure, for example, that all the changed passwords are in the hands of the security manager (or whoever is responsible) and not left as defaults or a secret the installer keeps to himself. That is probably the simplest step in ensuring your own surveillance system. It might also be worthwhile doing your homework and dictating what you want your products and infrastructure to do instead of going for the cheapest, or the one the salesperson gets the best commission on.

Whether you are making your home more comfortable, securing an estate, buying a new laptop or installing a new Internet of Things platform, the reality is that you will have problems if you see security as a necessary evil that you have to pay for just in case.

Security needs to be an integrated component of everything we do. This will automatically make us as users more aware of what we need and how we should use what we have, and it will make the systems we rely on more secure. With security designed into the architecture from the start, there will be fewer hassles trying to add it on later when your budget is already spent.

Andrew Seldon



Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Pentagon appointed as Milestone distributor
Elvey Security Technologies News & Events Surveillance
Milestone Systems appointed Pentagon Distribution (an Elvey Group company within the Hudaco Group of Companies) as a distributor. XProtect’s open architecture means no lock-in and the ability to customise the connected video solution that will accomplish the job.

From the editor's desk: AI and events
Technews Publishing News & Events
      Welcome to the 2024 edition of the SMART Surveillance Handbook. Reading through this issue will demonstrate that AI has undoubtedly made its mark on the surveillance industry. Like ‘traditional’ video ...

Forbatt SA to distribute and support Tiandy in South Africa
Forbatt SA News & Events
The big news in this year’s SMART Surveillance Handbook is that Forbatt SA has signed a new distribution agreement with Tiandy Technologies. This brand has had limited exposure and support in South Africa in the past, but has posted significant growth internationally.

The TCO of cloud surveillance
DeepAlert Verifier Technews Publishing Surveillance Infrastructure
SMART Security Solutions asked two successful, home-grown cloud surveillance operators for their take on the benefits of cloud surveillance to the local market. Does cloud do everything, or are there areas where onsite solutions are preferable?

Surveillance on the edge
Axis Communications SA Guardian Eye Technews Publishing Surveillance
Edge processing, a practical solution that has been available for some time, has proven its utility in various scenarios, tailored to the unique requirements of each user.

AI developments in surveillance
DeepAlert Secutel Technologies Technews Publishing Surveillance
When AI-powered video analytics first emerged in the surveillance market, it was heralded as a game-changer, promising near-magical object recognition and identification. As always, it was oversold, but times have changed and we are close to seeing the ‘magic’ at work.

Putting cyber into surveillance
Dallmeier Electronic Southern Africa Cathexis Technologies Technews Publishing Editor's Choice
Cybersecurity has become an essential part of the physical security industry. However, unlike other IoT technologies, of which security products are a part, surveillance technologies have more to protect.

Introducing the SecuShot Bullseye Robotic Guard MK2
Secutel Technologies News & Events Surveillance
The SecuShot Bullseye Robotic Guard MK2 is a marvel of modern engineering. It integrates CCTV monitoring, remote-controlled PTZ capabilities, and a gas-powered marker into a single, compact unit.

Gallagher Security’s Integrate Roadshow
Gallagher News & Events
Gallagher Security recently teamed up with nine technology partners to showcase the latest integrated security capabilities at the Integrate Roadshow in Durban, bringing together about 60 attendees, including end users, channel partners, consultants, and other industry professionals.

Ransomware impersonates employees and self-spreads
News & Events
Following a recent incident, the Kaspersky Global Emergency Response team is shedding light on an attack where adversaries crafted their own variant of encryption malware equipped with self-propagation capabilities.