Securing a VMS: 3 Things to Remember
The VMS is a critical part of physical security solutions. Greatly reduce the risk of your customer’s VMS being compromised by utilizing these tips.
Securing a video management software (VMS) system in not much different than securing any other computer. If you manage to apply some of the basic cybersecurity controls, you will greatly reduce the risk of your customer’s VMS being compromised by an attacker.
Here are three tips to securing a client’s VMS:
- VPN Firewall: If the VMS has access to the Internet, it will be vulnerable to Internet attacks. A firewall between the Internet and VMS system should be put in place. Do not port-forward any device that was not built to withstand the constant attacks that occur to every system that is directly connected to the Internet. Instead of port-forwarding, a firewall with a VPN server can allow for remote access to the VMS from the Internet in a secure, encrypted manner.
- Network Segmentation: Large enterprise organizations fully understand and implement network segmentation strategies, but many small and medium-sized businesses do not. Be sure that video surveillance equipment is on a separate network from other computing devices. This way, if a computer is compromised, the attackers won’t be able to get to the VMS system. If video surveillance equipment becomes compromised, the attackers won’t be able to get to other computers.
- Passwords: We all hate passwords but have to deal with them every day. Most people know that passwords should be long (12 characters or more) and with mixed characters (uppercase, lowercase, numbers and special characters). What many people don’t know is that you should never use a password for more than one account. Many account compromises happen because the victim reused a password. Ensure that passwords are long and recommend using a password manager. That way, the user will never have to remember any of them.
The VMS is a critical part of physical security solutions, so be sure to apply these basic cybersecurity controls to greatly reduce the risk of your customer’s VMS becoming compromised.
Chuck Davis, MSIA, CISSP-ISSAP is Senior Director of Global Cybersecurity for video surveillance provider Hikvision.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.
A FREE subscription to the top resource for security and integration industry will prove to be invaluable.