A Layered Strategy

Posted by
Renae Landis on Apr 27, 2020 8:00:00 PM
Tanner LaRocque on 4 minute read

The layered approach to system health monitoring and cybersecurity

by Kyle Smith - Senior Sales Engineer

Layered Security Image-01-2

In the Marine Corps, I trained as a "tank killer" before being selected to protect nuclear weapons on a submarine base. After attending these training schools back-to-back, I noticed protection is most effective in layers. A tank with an added layer of reactive armor is more difficult to destroy with a missile. The closer to an actual nuclear asset, the ever-increasing levels of protection were used. So much so, that in penetration tests, Navy SEALs were never able to breach Marine protected areas.

Converging Security Arenas

Layers are also used with cybersecurity and system health monitoring. The convergence of IT and Physical Security goes beyond the sharing of network resources; it extends deep into holistic shared network monitoring. With this shared space between IT and Physical Security departments, tools, and applications that provide security and talk to each other are needed to provide visibility across multiple sites. A protected security system is critical to the overall security of the enterprise in both a physical and logical spheres.

If the coordination of a shared network was not enough of a challenge, physical security systems are a prime target for ill-intentioned keyboard commandos and mindless botnets like Mirai.

An IP camera alone has a high-powered processor capable of performing analytics. Imagine an unauthorized entity taking control of hundreds or thousands of these network devices and the sheer volume of data that could be stolen. Required system health checks have been an essential part of an IT department's day-to-day tasks and are now becoming a new tool for Physical Security departments to diagnose breaches.

An open-source platform is also an essential part of a network to be sure all cameras and IoT devices, like card scanners, door locks, and smart security lights, can be monitored from a central location with shared access via the cloud.

Small change being put into piggy bank

Saving Money

In the security industry, time saved is dollars in our pocket. Knowing if a camera is offline, CPU temperature is above normal levels, or performing a RAID health check could mean the difference of incurring the cost of rolling a truck to diagnose a problem or simply remotely rebooting a camera physically.

The Reality of IP Camera and IoT Device Installation

When an IP camera or security IoT device is installed, they often never receive a firmware update or username and password change after the initial setup. This is a straightforward fix but often skipped due to the manual nature of this task. The sheer size of a network and the location of a camera or IoT device can also pose a question if the device is working correctly.IOT - Word on the Place of Missing Puzzle Piece through Magnifier. Selective Focus.

Imagine a network camera is placed 100 feet in the air atop a water tower with a rusted access ladder. A very real scenario that would be very difficult to access and require a bucket truck rental, additional crews dispatched, and time spent. Now, imagine a thousand different remote sites with precariously placed cameras and IoT devices and the exponential effect on the video surveillance and IoT network.

Smart cities and smart buildings are the result of the cost reduction in technology and becoming a reality, and as we have seen many times, proving sci-fi movie predictions correct. However, the security of these new devices still poses a problem.

A Proactive Layered Strategy

Not providing the most basic level of security leaves IoT devices especially vulnerable to attack, and why Denial of Service attacks perpetrated with IP cameras on Netflix, Twitter, and Reddit in 2016.

RazberiMonitor health monitor

Had layers of security protections and health monitoring software been applied, those systems would have been less vulnerable and proactively alerted the security team. Merely using a complex username and password combination, verified by Razberi CameraDefense™, would have been a layer of protection to prevent a takeover. Turning on a Device Firewall inside CameraDefense™ to block TelNet traffic (Mirai's search method) would have been an additional layer. Even if the device were already compromised, a CameraDefense™ Device Whitelist would be a layer that prevents a device from phoning home or seeking other machines to infect.

Razberi Monitor™ cloud-based platform would have allowed multiple users to access the network in real-time and remotely view alerts of different sites and quickly diagnose the issue.

Protecting with Layers

Similar to a tank, adding layers of security to your networking systems is the most effective strategy to protect your assets against attacks. During installation, changing the defaultusername and password of a device is a simple layer of protection to prevent hackers from gaining access. Each step you take is another layer of protection in your security, and being able to access and understand the alerts quickly is the difference between identifying a vulnerability or being the latest story on securityinformed.com.

Topics: cybersescurity, IoT, Vulnerability


AdobeStock_343144330 400x220


Read More

About Razberi Technologies

Razberi makes it simple to manage and secure video surveillance and IoT systems. Razberi’s open video surveillance platform includes intelligent appliances combined with automated cybersecurity, and health monitoring software. In combination with a wide range of top third-party video management software (VMS) applications and IP cameras, enterprises can flexibly deploy a best-of-breed solution that reduces their total cost of ownership and reduces the likelihood of a costly cyber breach. Razberi is headquartered in Dallas.

Follow Us

Recent Posts

Did you enjoy this article? Subscribe to email updates.