The cloud and security

April 2017 CCTV, Surveillance & Remote Monitoring, Perimeter Security, Alarms & Intruder Detection, Cyber Security

Using the cloud for data storage, application or platform hosting is a growing business, but we have seen some reluctance in the security industry to make use of the cloud for hosting and running security functions. In South Africa, this can often be ascribed to the lack of and expense of bandwidth, although this has changed somewhat over recent years.

Nevertheless, with the exception of some cyber security service providers, security run from the cloud has been more the exception than the rule. Hi-Tech Security Solutions asked some players from both sides of the physical/cybersecurity industry what their thoughts are on the uptake of cloud services for security functions.

Mike Voortman.
Mike Voortman.

Mike Voortman, MD of Verifier, a monitoring company that started in the Western Cape and is now expanding north, which offers services monitoring various cloud-based intruder detection analytics as well as ANPR (automatic number plate recognition) solutions across all market segments from residential to community and commercial, says, “We are excited to be monitoring more cloud-hosted solutions where exceptions are processed in the cloud, with verifications and escalations performed remotely by us. Due to this exception-based model, bandwidth isn’t a major concern and data is, in any event, becoming cheaper. We’re already monitoring video, alarms, RFID and LPR (or ANPR) cloud-based solutions and have not experienced any objections regarding bandwidth.”

John McLoughlin, MD of J2 Software, a company that recently launched its own Security Operations Centre (SOC), says organisations should be seeking to leverage the cloud (or the scale of the Internet) to gain greater information security capabilities. “Most, if not all, businesses in South Africa have a problem around the required information security skills which are at their disposal. They are also examining whether or not they have the ability to add a new hire and find any with the requisite skills to provide security across the board – server/infrastructure security, host and network intrusion protection, usage metrics and protect against internal and external threats.

John McLoughlin.
John McLoughlin.

“The truth is that the Internet/cloud can be utilised to provide access to a team of security specialists that can guide and remediate issues at a lower cost than employing the elusive miracle hire as a direct cost to the business. South African companies are not ahead of the game here – with very few having taken any steps towards using outsourced specialist services and the power of the web to enhance security and gain visibility in order to fight back and stop cyber threats.

“We have launched the J2 Cyber Security Centre to provide our customers with the peace of mind of having a highly-qualified set of security professionals looking after their information security, which gives total visibility and thus delivering a virtually immediate response to threats.

“Using the cloud, however, does not mean that every customer gets the same service or even the same solution. It is necessary to allow for differences in setup and requirements. Client A may need assistance only on insider threats, while customer B may look for a full outsourced managed security service provider. Our approach is to allow for different models, this includes monitoring with all data staying on-site and using the cloud for management, through to the other end of the spectrum where everything is hosted, or anything in-between.”

Richard Aikman is product manager: enterprise mobility at Vox, another company traditionally associated with the ICT industry, but which also entered the physical security industry with its monitoring services. Vox clients could be any business that has fixed operating hours, thus allowing event or alarm monitoring during closed time.

Aikman says that even though data costs are dropping, it still remains expensive to stream video footage in real time, and cloud storage and retrieval suffer the same constraints.

Onsite or offsite

The issue local companies have with bandwidth and the related costs has led some businesses to opt for a hybrid approach to cloud services. As noted above, some functionality can be hosted onsite, while the service provider hosts others offsite.

In the case of Vox, Aikman explains that remote monitoring does not require all the video to be streamed offsite. Video feeds are recorded and stored locally onsite, however any alarm activation or trigger will be pushed offsite for review and action. Vox uses this type of setup for its services, but also allows for streaming when a ‘virtual guard’ patrols its clients’ sites, walking the perimeter remotely irrespective of the weather conditions or local staffing.

Verifier has a similar operation where triggers are escalated to the control room and are verified by humans, who then initiate the relevant responses. Voortman says that in the security realm, we will see more of the “crunch work happening in the cloud. Automation of processes is on the increase, and we foresee that this will advance alongside developments in analytics.”

Automation is also key for McLoughlin operating in the cyber security world. “The power of the connected world means that we can do so much more through task automation. As with all good security, one firstly needs to be clear on what is being protected, this gives us the baseline and it is then through responding to anomalies that dangers can be excluded/cut out.

“The cloud is always connected and ready to act. We can ensure that when our sensor picks up the activity, we trigger a response via an automated task and remove the workstation or server from the network – disconnect and protect the network before anything else is affected. We can then have the first responders react and remediate, with the advantage that the danger has already been effectively removed.”

When considering the solutions available for security, whether cyber or physical, it is clear that the cloud and the security industry can do business together. However, it is very important to ensure that the client knows what they want and the service provider is able to supply these services. There is no vanilla approach as there may be to simply storing data in the cloud.

And while there are those who would say streaming video is possible now that South Africa has a growing fibre network, the reality is that even in onsite control rooms we are finding companies relying on technology to automate the monitoring and only alert human operators when something out of the ordinary happens. Not only is this more secure as technology never loses concentration or falls asleep, but it also allows companies to use more expensive human resources for more important tasks that computers can’t handle, yet. The same processes are being applied to the cloud, where computers do the boring work while humans are called into action when something actually happens.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Securing perimeters of secure locations
November 2019, Axis Communications SA, Modular Communications, Hikvision South Africa, Nemtek Electric Fencing Products, Technews Publishing, Stafix , Government and Parastatal (Industry), Perimeter Security, Alarms & Intruder Detection, Integrated Solutions
Hi-Tech Security Solutions asked a number of companies offering perimeter security solutions for their insights into protecting the boundaries of national key points.

Drones and cybersecurity?
October 2019 , CCTV, Surveillance & Remote Monitoring
Hacker drones can eavesdrop electronically on conversations, can perform network attacks, or can create fake wireless access points.

Kaspersky uncovers zero-day in Chrome
October 2019, Kaspersky , News, Cyber Security
Kaspersky’s automated technologies have detected a new exploited vulnerability in the Google Chrome web browser.

Body-worn cameras transforming security
October 2019 , CCTV, Surveillance & Remote Monitoring, Security Services & Risk Management
Police Service Northern Ireland now has over 7 000 officers using 2 500 cameras covering approximately 173 000 incidents each year.

Camera Selection Guide 2019
CCTV Handbook 2019 , CCTV, Surveillance & Remote Monitoring
The Camera Selection Guide 2019 includes a range of IP, analogue, thermal and speciality cameras aimed at a broad range of surveillance functions.

Intelligent analytics and the brains to match
September 2019, Bosch Building Technologies , CCTV, Surveillance & Remote Monitoring, Integrated Solutions
What if the brains behind our security cameras could be trained to improve their cognitive ability to pay attention, learn, and problem-solve according to specific rules and situations?

AI-powered autonomous Drone-in-a-Box
September 2019 , CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Organisations in the mining, energy and industrial, oil and gas, ports and terminals sectors can optimise security and business operations, whilst reducing risks and operational costs

Cybersecurity for video surveillance systems
September 2019, Mobotix , Cyber Security, CCTV, Surveillance & Remote Monitoring
Video surveillance systems are increasingly accessible over any IP network, which has led to the rise of potential cyberattack.

What are the cybersecurity issues in video surveillance?
November 2019, Axis Communications SA , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Cyber Security
he importance of the data captured by surveillance cameras – and what can be done with it – has led to a new breed of cybercriminals, looking for insights to steal and sell.

The safe city and its need for interoperability
November 2019 , Integrated Solutions, CCTV, Surveillance & Remote Monitoring
Interoperability continues to present one of the greatest challenges, particularly with video management systems, video recording devices and cameras.