Friday, November 23, 2018

Difference of Closed and Open Circuit

Difference of Closed and Open Circuit

Hello Engineers, let us come from basics. A system in which the output quantity has no effect upon the input to the control process are called open-loop control systems, and that open-loop systems are just that, open ended non-feedback systems. But the goal of electronic control system is to measure, monitor, and control a process and one way in which we can accurately control the process is by monitoring its output.

We call flow of charge is called current. And in order to create the flow, we need a force. That we are achieving the positive charge and negative charge.


As positive charge and negative charge attract each other we create a circuit and make it flow.

Consider the diagram:

Here in order to glow the bulb, we need current (flow of charge) So we connecting a source, here battery.

Closed circuit.

Once we make the circuit complete +ve charge and -ve charge attracts each other. Thus creating a flow of electrons i.e. current. This complete circuit is called closed circuit.

Open Circuit

If you disconnect any side of the source or anywhere along the line the +ve charge and – charge cannot have any kind of attraction between each other resulting from an absence of flow of electrons. This incomplete circuit is called open circuit.

An electronic control system with one or more feedback paths is called a Closed-loop System. Closed-loop control systems are also called “feedback control systems” are very common in process control and electronic control systems. 

In a closed-loop system, a controller is used to compare the output of a system with the required condition and convert the error into a control action designed to reduce the error and bring the output of the system back to the desired response. Shown Relay work some time closed and open based on signal input in coil side.

Saturday, November 3, 2018

Video Security Dual Responsibility GDPR

Video Security Organizations’ Dual Responsibility Under GDPR

GDPR - the EU General Data Protection Regulation - is now in effect (on May 25th, 2018). The regulations are designed to protect the data privacy of European Union (EU) residents, but because the rules affect  any company handling EU data, the true influence of the GDPR is international in scope.

GDPR affects security technologies like video surveillance systems. Here’s what you need to know to improve your GDPR compliance.
GDPR is a regulation set forth to protect personal data and ensure the privacy of individuals within the European Union (EU), which is deemed to be a fundamental human right. The primary driver behind the regulation is to give individuals greater control over their personal data and how it is used. Despite its roots in the EU, GDPR also addresses the collection or storage of personal data from any EU citizen, as well as the export of data outside the region. Therefore, given the scope of GDPR, compliance is a global concern.

Because cybersecurity was a main driver behind GDPR, one of its mandates is that in the event that a data breach occurs, companies that collect personal data are mandated to report it in to the supervisory authority within 72 hours. Failure to comply with this regulation could result in penalties equaling 4 percent of a company’s global annual revenues or 20 million euros, whichever is greater.

Given the importance of individuals’ privacy and the potential penalties for non-compliance, these are important discussions; however, this focus is not enough for those of us in the security industry, who have a dual responsibility under GDPR. Why is that?

In practical terms of protecting individual privacy, GDPR places much of the responsibility and obligation on businesses and other organizations that deal with personal data. One of the key features of the new regulation is that those who are being monitored need to be fully informed about what data is being held on them and how it is being used.

Under GDPR, this “personal data” is defined very broadly as “any information relating to an identified or identifiable natural person,” referred to as the “data subject.” Naturally, the first types of personal data that come to mind are the classic examples such as name, physical address, phone number and email address, all of which meet the criteria. But these are only starting points, as the range of personal data types is expansive, encompassing more than simply text-based data.

As security professionals, we must recognize the reality that video in which a person can be identified is also considered personal data and is therefore subject to GDPR guidelines and requirements. Therefore, as organizations, we need to determine how best to become compliant with how we handle customer and employee data, including surveillance video. This dual responsibility must come into play when we consider how we design and operate security systems and collect video data through surveillance, including how we store and manage that video data after collection.

To do so, it is important to explore how many of the steps organizations must take to become GDPR compliant are also necessary to ensure that video surveillance data is compliant as well. These steps surveillance operators must take – and how they can be applied to collected video – are outlined below.

Administration
In general, the first step in ensuring GDPR compliance is to choose an administrator and record data processing activities. As an organization seeking to become GDPR compliant, it is essential to have a person on staff – known as a data processing officer – who will ultimately be responsible for data integrity. Each company providing video surveillance must choose an administrator.

In a security environment, choosing this administrator allows for an open way to publicly identify the person who is responsible for data collected from the surveillance systems and provide that detail to anyone who is monitored by video upon their request. In doing so, it is key to also make the name of this data processing officer available to every person who requests data as prescribed under GDPR.

Every organization should also have a procedure in place for when an individual chooses to exercise their right of access to personal data or request its deletion, which allows them to stay within the monthlong window within which GDPR requires them to comply with these requests. When making such a request, it is reasonable to expect an individual to provide adequate information in order to locate this data – for example, an approximate timeframe, and the location where the footage was captured.

Documentation

GDPR also recommends that record of processing activities (ROPA) documentation be maintained and the following information be made available upon request:
  • Category of individuals that processed personal data relates to
  • Purpose for which collected data is used
  • Whether personal data will be transferred (to whom and for what reason)
  • How long personal data will be stored
  • Description of technical and organizational measures to ensure privacy

According to GDPR, administrators should take all appropriate measures to provide this information concerning the processing of their data by surveillance systems to monitored individuals in a brief, transparent, comprehensible and easily accessible manner.


ROPA documentation must also include a risk assessment for individuals’ rights and freedoms and planned measures to address these risks, which include safeguards and mechanisms to ensure the protection of personal data and compliance with GDPR. This should take into account the rights and legitimate interests of individuals and other affected persons.

In a surveillance environment, these items are equally important. Focusing for a moment on purpose and extent of surveillance, it must be clear why and how much video is being collected, and for what reason. One thing to discuss with potential solution providers is the concept of privacy by design and “GDPR-ready” product features. In evaluating solutions, organizations should look for those that will help them more easily become GDPR compliant. An example would be technology supporting defined view of a specific perimeter. By leveraging solutions to define the perimeter, organizations adhere to GDPR in that they can more easily specify the extent of video surveillance.

Data Processing Inventory Assessment (DPIA)
Once an administrator has been chosen and ROPA documentation is complete, a DPIA is required for cases of “extensive systematic monitoring of publicly accessible premises.”


This requires specifying in writing why and for what purposes the camera system is recording. For example, a city needs to manage electrical and water utility stations and must ensure the utilities provide residents with dependable service. Therefore, the perimeter of these utility stations must be protected against crime and theft. Under GDPR, the city can specify that the surveillance is provided for this purpose. Another example would be to ensure the safety of citizens during public events, as surveillance video may be used by the police to provide real-time situational awareness for officers in the field. In this case, it can be specified, in accordance with GDPR guidelines, that video is being collected to support public safety.


This information directly correlates to ROPA documentation, so again we can see the connection between becoming compliant as an organization overall, as well as ensuring compliance for GDPR with information and data collected in a surveillance environment.

Data Security
Cybersecurity has been a major topic within the security industry for some years now. The importance of a surveillance system being cyber secure extends to compliance with GDPR, with tight control of video data being another key recommendation. It is vitally important when specifying a system that these critical measures are taken into account. The less data that is readily accessible to those outside the scope of an organization’s video data management procedures, the less risk there is of becoming non-compliant. The same philosophy applies to data breaches; administrators must report any leaks within 72 hours of notification.


To ensure GDPR compliance, companies should employ strong measures to prevent unauthorized access to the personal data they store, including video. The specific tools and tactics used by each company will be unique to the challenges they face. In all situations, however, companies must employ robust security controls, stay up to date with cybersecurity best practices and ensure they are working with trusted partners that provide secure hardware and software, as well as thorough aftercare. Therefore, organizations must work with security professionals and partners to better understand potential cybersecurity risks and talk about ways they can harden their systems to ensure GDPR compliance.

From a compliance perspective, the processes that must be put in place to ensure the “right to be forgotten” in an organization are very similar to those necessary to ensure a surveillance system is also in compliance. This requires taking a systematic approach to how video data is stored, transferred and deleted. These methodologies will ensure that if an individual requests his or her video footage be deleted, business systems and organizational structure will be in place to adhere to this request in an efficient manner. The concept of “right to be forgotten” is a significant part of the GDPR guidelines, and as we are just months into this new guideline, the impact on organizations and system operators after requests are submitted still remains to be seen.

Data audit
The first step toward cybersecurity risk management knows what data your company is collecting and how it is stored. A comprehensive data audit is fundamental because you’ll need to discover what information your company handles that could create liability under the GDPR. The GDPR is very inclusive in its scope, so a data audit should look at all platforms, device types and departments.

Risk assessment

Once you've done a data audit to establish a clear picture of how your company’s data management works, you’ll be in a position to make a risk assessment:
  • What cyber-threats could your company face?
  • Where are the security weak-points in your technology infrastructure?
  • Do you have effective cybersecurity measures in place?

End-to-End Compliance
It is important to consider the full scope of video surveillance. As a surveillance operator collecting video about living individuals, an organization will fall under the category of data controller and be held responsible for data management in accordance with GDPR. Anyone having access to video data, including subcontractors and hosted service providers, must meet requirements as well. These companies or individuals who have access to recorded video on behalf of an organization, such as hosting providers, fall under the category of data processors. In terms of company compliance, when reviewing contracts to ensure all companies comply in the same way as an organization has planned. In terms of surveillance, be sure to check that any persons or organizations who have access to video are also compliant and that contractual relationships reflect these obligations.

Ultimately, it is the surveillance system user (i.e., data controller) who is responsible for GDPR compliance and safeguarding the rights of individuals whose personal data the user collects and processes. While the data controller has ultimate responsibility to follow GDPR, data privacy is a team effort. Remember: We are all in this together.

Therefore, for users of surveillance equipment, solutions and services, it is important to partner with suppliers that are committed to respecting and safeguarding individuals’ privacy and protecting personal data. Users should also be able to rely on suppliers and vendors for the support and technical assistance necessary to facilitate GDPR compliance.

Due to its intent, the onset of GDPR is a positive one. It will allow data processors and controllers to use data in appropriate ways and have clear guidelines/procedures in place for data collection, management and surveillance. Many companies follow guidelines such as the UN Global Compact when it comes to sustainability and environmental responsibility. The UN Global Compact provides 10 clear principles to help guide companies in their sustainability efforts. GDPR provides similar clear direction to companies looking to protect individual privacy, a fundamental human right.

Information on individuals is a valuable asset and needs to be properly protected. Apart from making good business sense, the reputation and success of your organization can be under threat if personal information isn’t managed appropriately. Organizations can demonstrate effective management of personal information with BS 10012 from BSI.

It helps you:
  • Identify risks to personal information and put controls in place to manage or reduce them
  • Demonstrate compliance with data protection legislation and gain preferred supplier status
  • Gain stakeholder and customer trust that their personal data is protected 
  • Gain a tender advantage and win new business
  • Safeguard your organizations reputation and avoid adverse publicity
  • Protect you and your organization against civil and criminal liability
  • Benchmark your own personal information management practices with recognized best practice.

Basic Principles of the GDPR

Clearly Justified Purpose

All organizations must have a valid lawful basis for collecting and processing personal data
·         
Privacy by Design

The GDPR mandates that privacy must be a priority throughout system design and commissioning. The approach taken with respect to data privacy must be proactive, not reactive. Risks should be anticipated and the objective must be preventing events before they occur.
  
Right to Access

Under Article 15, the GDPR gives individuals control over their personal data including the right to see that data.

Right to be Forgotten

Under Article 17, the GDPR gives individuals control over their personal data including the right to have their personal data erased if it is no longer necessary for the intended purpose of the system.

Security

The GDPR requires organizations have comprehensive policies and procedures ensuring personal data remains within control of the organization at all times. Additionally, personal data breaches must be reported within 72 hours to the competent supervisory authority appointed by their country’s government.

Reference:
  1. https://www.mailguard.com.au/blog/gdpr-security-responsibility
  2. https://www.bsigroup.com/en-IN/
  3. https://edps.europa.eu/sites/edp/files/publication/10-03-17_video-surveillance_guidelines_en.pdf
  4. https://gdpr-info.eu/art-13-gdpr/



Sunday, October 28, 2018

Intrusion Detection and Prevention Systems

Intrusion Detection Systems (IDS) vs Intrusion Prevention Systems (IPS): What’s What?

An Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) have very similar acronyms by which they are commonly known, yet they perform very different tasks within the network security process. So what exactly do they do, how do they do it, and does your organization need either, neither, or both as part of your overall security posture?
Intrusion Detection System
Definitions are important in the security world—you have to understand what you are dealing with before you can accurately determine if it's a good fit for the needs of your organization. So what exactly is an Intrusion Detection System (IDS)? Simply put, an IDS can be either a hardware device or software application that monitors network traffic, incoming and outbound, for any malicious activity or security policy violation. Think of it as an intruder alarm, sounding an alert if it spots any activity that could lead to network and data compromise. It does this by inspecting the packets that flow across the network in order to detect known indicators of compromise and traffic patterns that suggest suspicious activity. In other words, an IDS is a passive system used to bring real-time visibility into potential network compromises.

How the IDS achieves this will depend on the type of system being deployed. They can be either network based, or host based. Network-based Intrusion Detection Systems (NIDS) will have sensors strategically placed within the network itself, sometimes at multiple locations, to monitor the most traffic without creating performance bottlenecks. Host-based Intrusion Detection Systems (HIDS) do things differently, and are run on specific hosts or devices, only monitoring the traffic associated with them. Either type can take different approaches to detecting suspicious traffic. Some might use signature detection, comparing packets against a database of known threats. Some might use an anomaly-based approach, comparing traffic patterns against an established network “normality” baseline. Some will combine both methods. All are known for generating false positives, at least initially. The IDS will need configuration to fine-tune it for the particular “norms” of your network and the devices attached to it.
Intrusion Prevention System
An Intrusion Prevention System (IPS) is like an IDS on steroids. Not only can it detect the same kind of malicious activity and policy violation that an IDS does, but as the name suggests it can execute a real-time response to stop an immediate threat to your network. Like an IDS, the IPS can be NIPS-based with sensors at various points of the network or HIPS-based with sensors on the host to monitor individual devices. Unlike the IDS, an IPS has the ability to configure policy-based rules and actions to be executed when any anomaly is detected. Think of it as being an active defense system, tailored to best suit your business needs in terms of security posture. 
Although often considered a firewall, this is an erroneous assumption about an IPS. If anything, an IPS is a firewall in reverse: The firewall applies a rule-set to allow traffic to flow; an IPS applies a rule-set to deny and drop traffic. That said, there are Unified Threat Management (UTM) devices, which do both and therefore act as firewall and IPS simultaneously. These might appear to offer the best of both worlds, in that they can actively allow “good” traffic while also blocking known “bad” traffic.  However, UTMs can be hard to manage optimally, and tend not to enable the same granularity of control over IPS protections as a stand-alone IPS can offer.

Which do you need?

Now you know the differences between an IDS and IPS, which does your organization need as part of its network security implementation? Truth be told, the stand-alone IDS has pretty much been replaced by the IPS as far as the IT security industry is concerned. That's not to say intrusion detection is a busted flush, but rather that detection has to be accompanied by prevention technologies in today’s increasingly frantic threat climate. For most organizations, the notion of administering an IDS as a separate solution alongside other reactive solutions makes little sense. What makes more sense is to adopt a layered approach to detection and prevention while working with a managed service provider (MSP) able to make better sense of the complexities of the security function and respond to alerts more effectively.

Friday, October 5, 2018

.MDB File Format in Access Software

.MDB File Format in Access Software
MDB is the default file format used in Microsoft Office Access, up to Access 2003. In the 2007 and 2010 versions, however, Access uses the newer ACCDB file format as the default.
The file extension for the MDB file format is .mdb.

Data, in the context of databases, refers to all the single items that are stored in a database, either individually or as a set. Data in a database is primarily stored in database tables, which are organized into columns that dictate the data types stored therein.

A database (DB), in the most general sense, is an organized collection of data. More specifically, a database is an electronic system that allows data to be easily accessed, manipulated and updated.

In other words, a database is used by an organization as a method of storing, managing and retrieving information. Modern databases are managed using a database management system (DBMS).

Microsoft Office Access is Microsoft’s answer to providing a small database engine. It enables users with little knowledge of database administration to quickly set up their own database. The following versions of Access use the MDB file format as default: Access 95, 97, 2000 and 2003.

In 2007, Microsoft introduced a new file format (the ACCDB file format) with the 2007 version of Access. Access 2010 continues to use the same format. However, the 2007 and 2010 versions are also compatible with the older MDB format.

Earlier Access control Systems manufacturer uses this extension to design Access Management software. Like Syris use cardV3.mdb for master database.


MS Access software allows users to create, manage and query a database using its GUI controls and features, without having to write programming queries.

Saturday, September 22, 2018

Role of IT in Access Control System

Role of IT in Access Control System


It is a fact that IT is becoming more involved in the physical security world. In a small minority of companies, these two departments are actually merging, although this is a mammoth task fraught with problems, not only in terms of technology, but primarily in terms of culture.

In the access control world, one could say it’s normal for IT to be involved in networking (assuming the access systems make use of the corporate network and/or the IP protocol), but the scope of IT has slowly been creeping into more of the access control functions. In smaller companies, for example, it’s not unusual for the service provider responsible for the company’s IT to also take the responsibilities of physical security.
So how far has IT made inroads into the access control world in general? HID Global broadcast arrange a webinar in October 2018 in which it revealed some new research into the increasing role IT departments and personnel are playing in the physical access control world. The webinar was hosted by HID Global’s Brandon Arcement and Matt Winn. After discussing the findings of the research, they went on to advise physical security operators as to how they can embrace their IT colleagues further, with the goal of improving the holistic security posture of their organisations.

The survey was conducted by The 05 Group, sponsored by HID and was completed in March 2018. As the title of this article notes, the research found that IT departments are now more involved than ever in organisations’ physical access control decisions and implementation, and that trend is set to increase.

The 05 Group surveyed 1 576 individuals from more than a dozen industries, including education (19%), information (16%), government (11%), manufacturing (8%), health services (8%), and security, professional and business services (8%). Of the respondents, 35% were IT managers, 26% were IT directors, 13% were IT staff, 8% were CIO/CTO, and 3% were VPs of technology. The survey also spanned companies of different sizes, with 24% having less than 100 employees, 22% 101-500 employees, 11% have 501-1000 employees, 17% have 1001-5000, 6% have 5001-9999, and 6% have 10 000-24 999 employees. The results therefore cover a broad spectrum of companies and industries.
 The numbers tell a story
The research offers a significant amount of data about the role of IT in access control, however the webinar brought out a few pertinent facts (a link to the white paper written by HID from the research is at the end of this article). When asking the organisations being surveyed “Who is primarily responsible for physical access control in your organisation”, the responses were as follows:
• 29% said both IT and physical security.
• 26% said IT only.
• 25% said facility management handles the job.
• 12% said physical security only.
• 8% said the property management company was tasked with access control.
With a quarter of the respondents already saying IT is responsible for access control, and a further 29% saying it is shared between the two departments, it’s clear that the divide between IT and physical security is rapidly vanishing – and in some cases, altogether gone. And this is a trend that will continue; in organisations where IT is not involved in access control, 36% of the respondents said it will be within the next five years.

For those organisations where access control responsibilities are shared, 47% of the respondents report it had been shared within the past five years. Similarly, where IT owns the responsibility, 42% of the companies say they were given this task within the last five years. Once again we see that IT/physical security convergence in the access world is an expanding reality.

We mentioned IT’s influence in access control above in terms of the networking of access systems, however, this is an old function. The webinar showed that both IT professionals as well as physical security professionals see IT being involved in all areas of access control. When it comes to physical security professionals:
• 66% of physical security professionals see IT involved in influencing the decision-making process.
• 48% see IT’s involvement in integrating access and other systems.
• 37% see IT involved in implementation.
• 22% see IT involved in managing the systems.
From the other side of the table, IT professionals have a similar view:
• 76% expect to influence decision making.
• 72% will be involved in integration.
• 59% will be involved in implementation.
• 39% expect to be involved in managing systems.

Not all wine and roses
Of course, as these different cultures work together, there are bound to be some issues. It is in the field of integration where IT sees problems. Half of the IT people surveyed have issues with the lack of integration of access systems with other IT systems. This is an area in which the access control industry could make significant changes in the short-term to ensure their software and hardware can be more easily integrated with existing business management and security systems.

When it comes to new access control systems, the IT school has a few things it wants to see on the vendors’ to-do list. They want improved ease of use (71%), the ability to support or add new technologies (68%), mobile access (59%), and integration with existing security platforms (54%).

It’s also clear from the survey that IT is not all that comfortable with access control technology. Areas such as credential management, decision making with respect to access control systems, how system components work and also individual features within access systems can cause a bit of nervousness among the IT folk. These are areas in which physical security professionals can make their mark, as they are more skilled in dealing with these issues as well as others unique to their industry. 

Helping IT in access
The driver behind this convergence is not a technical issue, but is itself a convergence of a number of separate drivers. HID notes the primary drivers are:
• Converged threats that impact both physical and logical infrastructure. If you have a physical vulnerability it puts your logical systems at risk, and vice versa.
• Proliferation of networked devices in the age of IoT (the Internet of Things) which all require both physical and logical security. Interestingly, the webinar held its own real-time survey of the attendees and this topic was selected as having the biggest impact on access control’s shift to IT with half of the audience selecting it.
• Compliance to new regulations, which again rely on both sides of the table.
• Budget consolidation, which we are all suffering through.
• A shift in reporting structures as executives try to get a handle on the seemingly endless threats companies face on all fronts.

When it comes to the role of physical security professionals and how they can assist in the convergence between the two sides and help improve organisational security, 80% of the respondents said they play a role in establishing best practices, while 50% see physical security having a role in preventing unauthorised access in general, and 49% say they can help in achieving compliance. In order to streamline collaboration, the HID webinar suggests, among other issues, that both sides need to work on aligning project priorities and determining responsibilities, and balancing the technical acumen of IT when it comes to access products and management. 

A converged example
The webinar went on to provide an example of how the two divisions could work together in an access control installation. When it comes to the physical access control host, HID advises organisations to integrate physical access control systems (PACS) with an IT source of identity such as LDAP. Furthermore, administrators should ensure there is a set policy around regular software updates and patches, while they should also take advantage of IT’s experience (and equipment) to ensure high availability.


When it comes to the controller, HID advises organisations to settle some of the issues raised above by requiring an open controller platform that can be integrated with other technologies and other vendors’ products. Preventing vendor lock-in is a costly lesson IT departments have learned. It also suggests considering an ‘IP-at-the-door’ topology, keeping controller firmware updated to the latest versions, using strong passwords and encrypting communication between controllers and hosts (and using OSDP – Open Supervised Device Protocol – for encrypted reader communications).

Another strong warning was to take care when selecting access credentials as many of the card and fob technologies available are easy to replicate, making it simple for the wrong people to easily gain access. There are secure card technologies out there and these should be used as a standard. A business benefit of these more advanced credentials is that they can also be used for additional business functions, such as secure printing, vending machines and network logon.
The webinar presenters also touched on the benefits of using users’ mobile devices as credential holders. These can offer higher levels of authentication, easier administration and more user convenience that does not come at the expense of the company’s security.

Whether you are on the IT or physical security side, the most important part of the research (depending on your biases) can be seen in the answer to the question “Do you believe that increased collaboration between physical security and IT can improve the overall security of your organisation?” An overwhelming 95% of all the respondents said “yes”.

While the full convergence of physical and logical security is still some way off, people in the access control sector obviously understand that IT and physical security working together is critical to develop a successful security defence strategy for their organisations. In the access control industry this may be easier to achieve, but as noted in the introduction, it is often a question of culture (or ego, to be blunt) that prevents collaboration and results in organisations being vulnerable to the ever-increasing threats they face from well-organised criminal syndicates, as well as unhappy teenagers with too much time on their hands.

End of the article thanks to Mr. Andrew Seldon, for valuable time to us & security sa team.

Saturday, September 8, 2018

CCTV HDD Bad Sector Repair Steps

CCTV HDD Bad Sector Repair Steps

If you are a Electronic Security Technician you must know how to repair DVR / NVR HDD Bad Sector.
Some Common surveillance Hard Drive Problems.

Three Methods:Windows XP, Windows 7, Windows 8
Bad sectors are sections of your computer’s hard drive that have been damaged, and have lost the ability to save and store your data. If your computer makes grinding noises when using the hard drive, that’s a good sign that your hard drive has bad sectors. When you repair a bad sector, your computer will replace the bad sectors with good sectors and ignore the bad sectors. The methods for repairing bad sectors are different, depending on what version of Windows you’re using. (This is all falls under common hard drive problems )

The larger your hard drive, the more sectors there are to check, and the longer this process will take. Start this process when you won’t need your computer for a while, such as overnight.

Windows XP
Close all of your open programs and files. Windows XP can’t scan or fix a bad sector if that sector is being used by an open program or file.

Windows XP uses a system utility called Chkdsk to scan for and fix bad sectors.
Open My Computer. Double-click My Computer to open it.
Choose a hard drive to check for bad sectors. In the Explorer window, in the sidebar, right-click the hard drive you’d like to check for bad sectors, and then click Properties.

The C: drive is often the hard drive.
In the Properties window, click the Tools tab.
In the Error-checking section, click Check Now.
Choose the Check Disk options you’d like to use. In the Check Disk dialog box, you can have Check Disk fix file system errors it finds and recover bad sectors.
If you’d only like to scan for and fix bad hard drive sectors, make sure that Automatically fix file system errors is unchecked.
Click Start. Windows will start checking your hard drive for bad sectors and will fix any that it finds.
If you have any open files or programs at this point, you’ll get an error message asking if you’d like to schedule the disk check when you restart your computer. If you click Yes, it will restart your computer and perform the disk check.
Review the Chkdsk report. When it’s done.
(This is all falls under common hard drive problems )

2 of 3: Windows 7
Close all of your open programs and files. Windows 7 can’t scan or fix a bad sector if that sector is being used by an open program or file.
Open Computer. Click Start, and then click Computer.
Choose a hard drive to check for bad sectors. Right-click the hard drive you want to scan, and then click Properties.
In the Properties window, click the Tools tab.
In the Error-checking section, click Check now.
Check the Scan for and attempt recovery of bad sectors.
You can also check the Automatically fix file system errors to check the hard drive for software-based errors.
Place a check mark within the box next to “Scan for and attempt recovery of bad sectors.”
Click Start. Windows will start checking your hard drive for bad sectors and will fix any that it finds.
Don’t use your computer while Windows attempts to fix errors.

If you have any open files or programs at this point, you’ll get an error message asking if you’d like to schedule the disk check when you restart your computer. If you click Yes, it will restart your computer and perform the disk check.
Review the check disk report. Click the See details down arrow to see more details about your report.
(This is all falls under common hard drive problems)

Method 3 of 3: Windows 8
Move the mouse cursor to the upper-right corner of the screen, move the mouse pointer, and then click Search.
If you’re using the touch interface, swipe in from the right edge of the screen, and then touch Search.
For these steps to work, you will probably need an admin account and password.
In the Search field, type This PC, and then click or touch This PC.
Right-click the drive you want to repair, and then click Properties.
If you’re using touch, press and hold the drive you want to repair, and then touch Properties.
Select the Tools tab.
Under Error checking, click or touch Check.
You may be asked for an admin password. Enter your admin password. If you don’t have one, contact the person who has the admin account.
Review the scan results. The error checking scan will tell you either that there are errors or there aren’t errors. You can still repair the drive, even if there are no errors, but you don’t need to.
Click Scan and repair drive.
Choose when to repair the file system. In the Restart your computer to repair file system errors dialog box, click Schedule on next restart to repair your hard drive the next time you start the computer. Click Restart to repair the hard drive now.
Wait for Windows to scan and repair the hard drive sectors. Do not try to use your computer or interrupt the sector scan while it’s happening.


Surveillance is one of the segments where most of the time normal hard drives being used. However there are surveillance drives available with a little price difference, but performance is far better. On the other hand, surveillance HDDs are built to record data 24×7 from multiple camera streams or channels.