Showing posts with label vulnerabilities. Show all posts
Showing posts with label vulnerabilities. Show all posts

Saturday, July 1, 2023

AI, Cloud and Cybersecurity Open New Opportunities for Integrators

AI, Cloud and Cybersecurity Open New Opportunities for Integrators 

I was recently asked which technologies are going to have the most significant impact on the physical security industry in the next few years. With the rapid pace of change in technology today, there is no simple answer to this question.

One thing that is certain is that companies are under pressure to become more efficient, secure and operationally aware. That, in turn, is driving the need for real-time data capturing and processing from every part of their business, including security.

We are just beginning to see how emerging technologies and concepts such as artificial intelligence (AI), Cloud computing and cybersecurity are impacting our industry. As companies plan for the future, budgets are increasingly focused on innovative solutions that can help to process the growing amount of data being captured and consumed.

Manufacturers and systems integrators that understand this shift have been quick to identify opportunities to win new business through the introduction of value-added applications or new services capable of generating recurring monthly revenue.

We explore some of those technologies and opportunities below.


Artificial intelligence and analytics

AI analytics is the product of automating data analysis—a traditionally time-consuming and people-intensive task—using the power of today's artificial intelligence and machine learning technologies.

AI analytics refers to a subset of business intelligence that uses machine learning techniques to discover insights, find new patterns and discover relationships in the data. In practice, AI analytics is the process of automating much of the work that a data analyst would normally perform.

Customers are looking to AI and data analytics to gain better insight into their operations. These offerings can enable security-related intelligence or operational and customer insights. The key to AI is self-learning algorithms that, over time, get better at identifying certain targeted behaviors or transactions and reducing false positives.

We have also begun to see several chip manufacturers introduce next generation processors with AI built into the core firmware. As a result, systems integrators can expect to see many product innovations in 2018 focused on advanced video analytics, data integrations and application software.

The challenge for their customers will be clearly defining which data is most valuable to them, who will have access to it, and how to best manage it. Systems integrators can play a key role in this process by having those discussions with customers up front and encouraging a proof-of-concept phase before fully rollouts are undertaken.

 

Cloud-based services

Cloud based services provide information technology (IT) as a service over the Internet or dedicated network, with delivery on demand, and payment based on usage. Cloud based services range from full applications and development platforms, to servers, storage, and virtual desktops.

In addition to AI and data analytics capabilities, we are seeing demand from customers for Security-as-a-Service (SaaS) offerings. The combination of low, upfront capital costs and outsourced services has made Cloud-based video and access control popular, especially in the hospitality and small-to-medium enterprise markets. Examples of SaaS cloud service providers include Dropbox, G Suite, Microsoft Office 365, and Slack. In each of these applications, users can access, share, store, and secure information in “the cloud.”

As technology providers add more sophisticated applications and services to further drive customer insight and efficiencies, expect enterprise retail customers to begin moving to this model as well in 2018. For systems integrators, SaaS solutions can represent a recurring revenue stream and a great opportunity to generate new business.

 

Cybersecurity impacts

Cyber attacks can cause electrical blackouts, failure of military equipment, and breaches of national security secrets. They can result in the theft of valuable, sensitive data like medical records. They can disrupt phone and computer networks or paralyze systems, making data unavailable.

Cybersecurity is crucial because it safeguards all types of data against theft and loss. Sensitive data, protected health information (PHI), personally identifiable information (PII), intellectual property, personal information, data, and government and business information systems are all included.

The sheer scope and size of the data breaches we saw in 2017 – Equifax being one of the most notable – has heightened concerns over cyber-preparedness. Increasingly, customers are evaluating their own level of cybersecurity preparedness, as well as that of their suppliers.

There’s no doubt that our industry is taking cybersecurity seriously, however there is still work to be done, and both systems integrators and their manufacturer partners need to be prepared. Information technology (IT) departments will continue to play an expanded role in approving products for deployment on corporate networks. The use of third-party cybersecurity audits will also become more commonplace, which will significantly impact how products are developed and deployed.

In addition to ensuring that their products are secure, manufacturers and system integrators will also need to improve their own organizational security. For video solution providers, that could mean demonstrating how they protect their software code and architect their software, and how compliant their solutions are with data privacy standards in North America and globally.

The need to bolster cyber defenses will also create demand for new equipment and software upgrades as the vulnerabilities of customers’ legacy equipment are exposed.

Cybersecurity will be a challenge for some systems integrators, but a great business opportunity for others. Customers will increasingly look for integrators that can meet their cybersecurity standards and possibly pass a cyber audit. If there’s a weak link in the chain – from product design to installation or service – then everyone loses. System Integrators know major China manufacturers like Dahua, Hikvision, Uniview are not impacted, from everything we have seen. We executed the proof of concept code from the disclosure on multiple devices and were unable to gain access using the backdoor. The backdoor primarily impacts devices using HiSilicon SOC with Xiongmai software, which is dozens of small OEM manufacturers, using minimally modified OEM firmware, Open Source OS and drivers, and enabling telnet on port 9530.

So it’s important that integrators and manufacturers work closely together and ensure that they share the same high cybersecurity standards. Integrators should also demand that their manufacturer partners be diligent about educating them on products and keeping software up to date to reduce potential vulnerabilities.

 

Knowing your market

Many of today’s leading system integrators have begun investing in the additional resources needed to educate staff and align their organizations so they can successfully adopt and provide these new capabilities to their customers.

It’s important that your organization have conversations with both your end user customers and your technology providers so you can take advantage of new opportunities while also helping to clarify what’s possible today and what’s still on the horizon.

As integrators move from equipment sales to consultative solution sales, it is important to understand the unique business problems of the customers in your target market. While this concept is not new, a growing number of integrators are putting vertical market initiatives in place to concentrate their expertise.

The top five business challenges of yesterday may no longer be the top five challenges of tomorrow. Integrators need to understand what those unique challenges are for each vertical they play in, and work with manufacturers that can provide proven solutions for specific markets.

Sunday, January 15, 2023

Network Video Recorder cum Network Switch

Network Video Recorder "Built-in" Network Switch 

The introduction of a Network Video Recorder (NVR) with a built in network switch confused a good portion of the professional market.  It very much seemed to be something that was geared towards catering to a side of the market that was completely unfamiliar with how an IP camera system is setup and installed.   Not a lot has changed since their original release dates.  Most installers still scratch their heads at the thought of using them, but the fact remains that there is an audience.  For those who aren't looking to educate/teach themselves the way of "proper IP installation," these simple to adapt to NVRs are very appealing.  Having said that, it's equally important to understand what you're getting yourself into with a built in switch.

Cost Comparison

There are two ways to look at cost, but we're going to start with your initial purchase for getting this system up and running.  There's no way to conceal the fact that purchasing an NVR with a built in switch is going to be cheaper.  A standard NVR purchased together with a dedicated PoE switch will probably cost you about 25% more than the alternative.  Because of the somewhat basic nature of network switches, you probably won't notice any difference in performance between the two options.  It really comes down to quality in this case, and you're just going to pay more money for the more proven brands; your built in switches are generally built by an unnamed Chinese manufacturer.

The other way to look at cost is to look towards the future.  Network switches are just as imperfect as everything else.  The most common occurrence is that a network port burns out and is no longer able to be used.  If your warranty has expired, you're now in a position where you're going to need to start spending money to get to a solution.  Depending on how much that damaged switch effects your system, you're left with a couple options.  In the case of a dedicated switch, you can replace the switch entirely or you can purchase another smaller switch as an add-on to make up for malfunctioning port(s).  These can be purchased for as little as $50.  An NVR with a built in switch is not going to have such an easy time.  You can try using a dedicated switch as an add-on, but you're now just setting up your system via the alternate method.  If you still have a demand for the same type of "camera hardwired to NVR" setup and your NVR is out of warranty, you'll now find yourself needing to replace the entire NVR instead of the much cheaper network switch.P

Cable Runs

A built in switch is going to require that you run your cable the same way you would with an analog system.  In this scenario, you're going to be running a cable for each camera all the way back to the NVR to create your hardwired connection. Your cable length is limited, in this case, to the standard 328 feet.

A dedicated switch can potentially have some major advantages here. Thinking that a dedicated switch needs to be placed anywhere near your NVR or router would be a mistake.  It makes the most sense to place your switch as close to the biggest cluster of cameras as possible.  This can make for a lot of short cable runs from IP cameras to switch.  From there, it's just a matter of running a single cable from that switch back to your router.  The end result is that you simultaneously put all of your IP cameras on your network by running that one cable.

This is a rough example of what an installation might look like with a dedicated switch.  Of course your own personal hardware situation might be different, but you should get the concept we're going for.  Installing your IP camera system like this will also double the potential distance you can run your cable.  In addition to your cable length being able to be run as far as 328 feet from cameras to switch, you can also run up to another 328 feet from switch to router.  You can revert back to cost as much as you want, but a dedicated switch is going to give you more capabilities and versatility for your money than a built in PoE switch will.

Reliability

This is mostly a matter of opinion and how much you trust individual manufacturers to begin with.  Dedicated switches are usually going to be found with a name brand printed on them.  You've heard of certain brands like Linksys, Netgear, and D-Link because they have an established reputation.  It's not hard to go online and find out how well these companies are performing.  The internet will contain a plethora of reviews and discussions related to these company's products.  This is all to say that transparency is much easier to find with big brands; the general public doesn't let them keep any secrets.  This makes selecting and purchasing a product a very straight forward and simple task; it just takes a bit of research.

There are those among us who are completely against the idea of owning anything that's "unbranded" under the pretense that they believe it's all junk and lacks in longevity.  The fact remains that a good number of the unbranded devices that people have come to feel uncomfortable with are actually performing, and in some cases outperforming, a lot of the big brand names.  If something like this bothers you, you're going to have a hard time feeling comfortable with an NVR that has a built in switch.  The lower costs of these switches makes them attractive but getting passed the uncertainty of knowing whether or not they're going to perform as needed is not as simple.  Researching an NVR with a built in switch can gain you a general public opinion, but those opinions don't usually cover things like speed tests or information regarding longevity of the product.  This is one of those things you'll likely just have to try for yourself in order to know for sure.

All in all, you have good options for both dedicated switches and built in switches. Doing a little bit of homework/research into the product you’re considering should shed enough light on the subject where you can feel confident with your decision either way.

Compatibility

A dedicated switch, no matter who it may be manufacturer by, is compatible with any IP camera from any manufacturer across the board; no questions about it.  A built in switch relies on information it receives from the NVR to determine compatibility.  This can quickly turn into a problem absent any solution.  If you hard wire your IP camera to your built in switch on your NVR and you find that the camera isn't being detected, you're almost guaranteed to be the owner of an NVR and IP cameras that are probably never going to play nicely with each other, and likely not at all.  There is seldom anything you can do to fix a problem like this. On rare occasions, there's a setting that needs to be toggled somewhere, but don't plan on being this lucky.

You can still have compatibility issues with a dedicated switch, but those problems are usually limited to specific features and not the complete inability to bring up the camera whatsoever.  For example, a HikVision IP camera cannot be accessed by a Dahua NVR if you attach that camera to a built in switch on the NVR.  However, if you connect that same camera to a dedicated switch, you'll very easily be able to add that camera to the NVRs device list, but you'll be missing the motion detection feature without a lot of tampering.  We should mention again that any compatibility issues you encounter with a dedicated switch aren't cause by the switch, but by the manufacturers of the cameras and recorders. We are not promote HikVision / Dahua as both “High" level vulnerabilities. No participation in ONVIF committees for both brands. No access to new ONVIF software. Below media statement.