Category: Latest

Video management software has become an indispensable part of security and surveillance applications. With the advent of cloud-based video surveillance, the power of VMS cannot be limited to just video monitoring. The new age VMS systems with intelligent video analytics are capable of offering much more than surveillance. The cloud-based VMS systems not only fulfill comprehensive surveillance needs of the businesses, but also complement other business processes, which may directly or indirectly reflect into the business ROI. Whether it is a new VMS installation or upgradation of an existing VMS system, enterprises (considering their business processes to be more interactive, connected and integrated) prefer their on premise or remote business systems to be integrated with the cloud-based Video management software. Since every business and its processes are different, the video surveillance needs of the enterprises also vary from each other. With the availability of flexible and customized video surveillance and analytics services, enterprises find it challenging to pick suitable thirdparty systems and apps to support their preferred VMS system. Therefore, most of the enterprises are shifting towards Video Surveillance-as-a-Service with their system integrators or VMS service providers. Most of the VMS service providers and system integrators are offering an open source or vendor independent cloud-based video management software to their clients for the obvious reason of making VMS compatible with third-party systems and applications. Why do third-party systems need to be compatible with video management software The third-party systems in VMS can be defined as any of the systems, applications or devices used to support and enhance the functionality of a video management software in order to improve the security and business processes of an enterprise. There are hundreds of companies manufacturing security and surveillance devices (like IP cameras, NVRs, Audio Devices, GPS systems etc.), but all the available devices are not necessarily compatible with the video management software preferred by the companies. Therefore, it is very important for VMS service providers or system integrators to check the compatibility of the surveillance software with the available thirdparty devices required for the project. Types of third-party systems and applications for VMS solution Third-party systems for a video management software are either physical devices installed at the surveillance location and office premises or widgets/ applications embedded in a video management software to enable intelligent video analytics. These systems and applications can be classified into two major categories; one as the systems for security and surveillance, and other as the system for supporting and enhancing business processes. Let us discuss them in detail. Security and surveillance systems Most of the third party systems and applications for security and surveillance are common across industries and are necessarily required to be part of a video management software. IP cameras An IP camera is a primary and mandatory requirement of any VMS system. A cloud-based video management software should support all types of IP cameras (Wired and Wireless cameras, PTZ, 360 degree, night vision, autofocus cameras etc.) from the major players/ manufacturers of the industry. VMS systems for customized surveillance projects must support IP cameras with open standards-based application programming interface (API), which allows system integrators to program the cameras for specific applications. IP surveillance cameras for video surveillance software must support multiple video streams and video compressions (H.264, MJEPEG) to send the video data with low latency. ONVIF support of the IP cameras with VMS systems can be an added advantage for the surveillance project. Access control devices Access control devices integrated with video management software provide physical security to any place or premise secured by the system. Integration of VMS with access control devices allows users to monitor, control and analyze multiple access points in real time, track the number of times access granted by the devices and react immediately in case of any event is triggered. Video surveillance along with access control helps in intrusion management, biometric attendance management and identity management. Fire and smoke detectors Fire and smoke detectors are the devices, which essentially need to be integrated with the VMS system of an enterprise. Large sized enterprises can have a large number of smoke detectors, which in case of fire, trigger the fire alarms of the building. An integrated fire alarm system with VMS allows a user to quickly identify and view the location of the fire alert. A quick response to such an emergency can help in saving lives and business assets. Video analytics for security & surveillance Video analytics in a VMS solution are a result of the structured algorithm of the software and many times inbuilt functionality of the devices connected to the VMS system. Video analytics for security and surveillance can be motion detection to prevent unauthorized access in restricted areas, perimeter protection to protect the virtual/ physical boundary within the enterprise, object detection, face recognition, people counting etc. A well-connected video management software with other surveillance and business-related devices can allow users to have complete control over business processes with security solutions and helps in improving the customer’s experience with the enterprise. Third party systems supporting business processes Cloud-based video management software is a well-accepted solution for security and surveillance across industries. Moreover, its structure of assimilating the functionalities of other business supporting systems enhances its business management capacity, incredibly. It empowers its administrators to have an inclusive approach to managing their business processes optimally without compromising on safety and security. Let us discuss the third party systems (used in different industries) that can be integrated with a VMS solution to enhance the business processes. Retail Third party systems and applications of a retail video management software are helpful for both employees of the retail stores and the customers visiting the stores. Here are some of the important systems to be integrated with retail video management software: Point of sale (POS systems): Integration of VMS with POS of any retail store can help in checking the fraudulent activities done by shoplifters or employees in a retail store. At POS, a customer pays for the shopped products,…

CyberArk survey shows organizations are failing to secure privileged accounts and credentials in the cloud, on endpoints and across IT environments. According to the CyberArk Global Advanced Threat Landscape Report 2018, nearly half (46 percent) of IT security professionals rarely change their security strategy substantially – even after experiencing a cyber-attack. This level of cyber security inertia and failure to learn from past incidents puts sensitive data, infrastructure and assets at risk. Security starts with protecting privileged accounts An overwhelming number of IT security professionals believe securing an environment starts with protecting privileged accounts – 89 percent stated that IT infrastructure and critical data are not fully protected unless privileged accounts, credentials and secrets are secured. Respondents named the greatest cyber security threats they currently face, including: Targeted phishing attacks (56 percent), insider threats (51 percent), Ransomware or malware (48 percent), unsecured privileged accounts (42 percent), unsecured data stored in the cloud (41 percent).  IT security respondents also indicated that the proportion of users who have local administrative privileges on their endpoint devices increased from 62 percent in 2016 survey to 87 percent in 2018 – a 25 percent jump and perhaps indicative of employee demands for flexibility trumping security best practices. The Inertia that could lead to data compromise The survey findings suggest that security inertia has infiltrated many organizations, with an inability to repel or contain cyber threats – and the risks that this might result in – supported by other findings: 46 percent say their organization can’t prevent attackers from breaking into internal networks each time it is attempted; 36 percent report that administrative credentials were stored in Word or Excel documents on company PCs; Half (50 percent) admit that their customers’ privacy or PII (personally identifiable information) could be at risk because their data is not secured beyond the legally-required basics. Inertia and a ‘Hands-Off’ approach to securing credentials and data in the cloud create cyber risk The automated processes inherent in cloud and DevOps mean privileged accounts, credentials and secrets are being created at a prolific rate. If compromised, these can give attackers a crucial jumping-off point to achieve lateral access to sensitive data across networks, data and applications, or to use cloud infrastructure for illicit crypto mining activities. Organizations increasingly recognize this security risk, but still have a relaxed approach toward cloud security. The survey found that: Nearly half (49 percent) of organizations have no privileged account security strategy for the cloud; More than two-thirds (68 percent) defer on cloud security to their vendor, relying on built-in security capabilities; and 38 percent stated their cloud provider doesn’t deliver adequate protection. Changing the security culture Overcoming cyber security inertia necessitates it to become central to organizational strategy and behavior, not something that is dictated by competing commercial needs. According to the survey: 86 percent of IT security professionals feel security should be a regular board-level discussion topic; 44 percent said they recognize or reward employees who help prevent an IT security breach, increasing to nearly three quarters (74 percent) in the U.S.; and Just 8 percent of companies continuously perform Red Team exercises to uncover critical vulnerabilities and identify effective responses. “Attackers continue to evolve their tactics, but organizations are faced with cyber security inertia that is tipping the scales in favor of the attacker,” said Adam Bosnian, Executive Vice President, Global Business Development, CyberArk, “There needs to be a greater urgency in building cyber security resilience to today’s attacks. This starts by understanding the expanding privileged account security attack surface and how it puts an organization at risk. Successfully battling inertia requires strong leadership, accountability, clearly defined and communicated security strategies, and the ability to adopt a ‘think like an attacker’ mindset.”

This bulletin outlines the security recommendations that NIST recently provided in Special Publication (SP) 800-125A – security recommendations for Hypervisor Deployment on Servers. The document provides technical guidelines about the secure execution of baseline functions of the hypervisor, regardless of the hypervisor architecture. In the past, a user wishing to set up a computing server generally needed to use a dedicated host with dedicated resources such as a central processing unit (CPU), memory, network and storage. Modern systems have technology that lets one create virtual machines to emulate what used to be physical, dedicated resources. This practice is known as virtualization and supports more scalable and dynamic environments. A critical component of this technology is the hypervisor, the collection of software modules that enables this virtualization and thus enables multiple computing stacks – each made of an operating system (OS) and application programs – to be run on a single physical host. Such a physical host is called a Virtualized Host and is also referred to as a Hypervisor Host. The individual computing stacks are encapsulated in an artifact called a Virtual Machine (VM). To make a VM an independent executable entity, its definition should include resources such as CPU and memory, allocated to it. The VMs are also called ‘Guests,’ and the OS running inside each of them is called ‘Guest OS.’ The resources associated with a VM are virtual resources, as opposed to physical resources associated with a physical host. The hypervisor forms part of the virtualization layer in a virtualized host and plays many of the same roles that a conventional OS does on a non-virtualized host, or server. Just as a conventional OS provides isolation between the various applications, or processes, running on a server, the hypervisor provides isolation between one or more VMs running on it. Also, like an OS, the hypervisor mediates access to physical resources across multiple VMs. Therefore, all other functions needed to support virtualization – such as emulation of network and storage devices and the management of VMs and the hypervisor itself – can be accomplished using kernel-loadable modules, although some hypervisor architectures accomplish these tasks using dedicated VMs. The hypervisor can be installed either directly on the hardware, or bare metal (Type 1 Hypervisor), or on top of a fullfledged conventional OS, called Host OS (Type 2 Hypervisor). Here, we discuss the baseline functions of a hypervisor, how these functions are distributed in a hypervisor, and how this information is used to develop security recommendations that provide assurance against potential threats to the secure execution of tasks involved in the hypervisor’s baseline functions. Hypervisor baseline functions It might appear that all activities related to the secure management of a hypervisor and its hardware host – collectively called the hypervisor platform – should simply consist of established best practices for any server class software and its hosting environment. However, closer examination reveals that the unique functions provided by the Hypervisor Platform require a dedicated set of security considerations. These functions are called hypervisor baseline functions (HY-BF) and are labeled HY-BF1, HY-BF2, HY-BF3, HYBF4, and HY-BF5. They are described below: HY-BF1: VM process isolation Scheduling of VMs for execution, management of the application processes running in VMs (e.g., CPU and memory management), and context switching between various processor states during the running of applications in VMs; HY-BF2: Devices mediation & access control Mediates access to all devices (e.g., network interface card [NIC], storage device such as IDE drive etc). One mediation approach is to emulate network and storage (block) devices that are expected by different native drivers in VMs by using emulation programs that run in the hypervisor kernel; HY-BF3: Direct execution of commands from guest VMs Certain commands from Guest OSs are executed directly by the hypervisor instead of being triggered through in terrupts and context switching. This function applies to hypervisors that have implemented para-virtualization instead of full virtualization; HY-BF4: VM lifecycle management This baseline function involves all functions from creation and management of VM images, control of VM states (start, pause, stop etc), VM migration, VM monitoring, and policy enforcement; and HY-BF5: Management of Hypervisor This baseline function involves defining some artefacts and setting values for various configuration parameters in hypervisor software modules including those for configuration of a Virtual Network inside the hypervisor. NIST SP 800-125A provides detailed security guidance based on an analysis of threats to the integrity of all the above functions. The only exceptions are the set of guidelines for configuration of virtual network (subset of HYBF5), which are covered in a separate document (NIST SP 800-125B). The above functions are carried out by different hypervisor components, or software modules. There are some minor differences among hypervisor products in the way that they distribute these functions. The mapping of these functions to hypervisor components and the location of these components within a hypervisor architecture are described in the table below: Approach for developing security recommendations Developing security recommendations for the deployment and use of a complex software such as the hypervisor requires knowledge of potential threats which, when exploited, would affect the three basic security properties – confidentiality, integrity, and availability – of hypervisor functions. The approach adopted for developing security recommendations for the deployment of hypervisors in NIST SP 800125A is as follows: Ensure the integrity of all components of the hypervisor platform, starting from the host BIOS to all software modules of the hypervisor. This action is accomplished through a secure boot process, outlined as recommendation HY-SR1; Identify the threat sources in a typical hypervisor platform. The nature of threats from rogue or compromised VMs is briefly discussed in SP 800-125A; and For each of the five baseline functions HY-BF1 through HY-BF5 (except for HY-BF3, the direct execution of certain commands from guest VMs by the hypervisor), identify the different tasks under each function, and for each of the tasks, identify the potential threats to the secure execution of the task. The countermeasures that will provide assurance against exploitation of these threats…

Access management can be defined as the process of granting authorized users the rights to use a service, while preventing access to non-authorized users. Following are the key access management growth factors over the next five years. GDPR deadline fast approaching Traditionally, finance, banking, insurance, government, utilities and other heavily regulated end-user sectors have focused on identity- and accessmanagement solutions. However, over the past year there has been growth in non-traditional markets. Not only have the manufacturing and retail sectors become more security conscious, but the increase in the number of data breaches and the looming legislation around General Data Protection Regulation (GDPR) in May 2018 has also piqued renewed interest in security and identity and access management (IAM) solutions. ● Highlight ● The global access management market is projected to increase from $5.4 billion in 2016 to $9.6 billion in 2021. ● Companies with 5,000 or more employees are projected to contribute the largest revenue growth to the access management market over the next five years. ● Over the past year, there has been growth in non-traditional market sectors such as manufacturing and retail. Smaller organizations using access management solutions Access management solutions have traditionally been deployed by larger organizations. In fact, companies with 5,000 or more employees are projected to contribute the largest revenue growth over the next five years, increasing from $4.38 billion in 2016 to $5.4 billion in 2021. The proportional importance of this segment is forecast to decline from 80 percent of total access management revenue in 2016 to around 56 percent in 2021. Small and medium-sized enterprises (SMEs) will steadily increase the amount of access management solutions they deploy. For example, revenue from companies with between 1 and 499 employees is projected to increase from $109.6 million in 2016 to $705 million in 2021. This segment managed to grow from 2 percent of total revenue in 2016 to 7.3 percent in 2021. The introduction of more cloud solutions within the access management market is likely to help SMEs, in particular, because cloudbased access management solutions can be more cost effective and scalable for small and medium enterprises. On-premises hybrid and cloud solutions As there are still a lot of applications running on premises at companies, a significant portion of larger organizations still want some on-premises solutions. Larger organizations are more likely to move to a hybrid model, with some applications running in the cloud as a stepping stone toward full adoption of cloud solutions. Hybrid solutions are projected to increase from $1.1 billion in 2016 to $1.7 billion in 2021. In contrast, smaller organizations are more likely to deploy software-as-a-service (SaaS) solutions, which for them can be more cost effective than on-premises solutions. Technological developments and the battle with hackers There is a continuous battle being waged as hackers increasingly try to gain control of the networks they want to compromise. It is important for organizations to take into account people’s locations, to help detect fraudulent activity and ensure the right people have the right access, at the right time and at the correct location. Technologies like machine learning (ML) and artificial intelligence (AI) are also important weapons in this battle. Leveraging emerging technologies, such as behavioral biometrics, will help to reduce the burden on end-users and increase the validity of identity proofing. Organizations can learn a lot about how people interact with their networks, to give a full picture of how things are evolving, but these technology developments are a bit of a cat-and-mouse game. Blockchain makes security cheaper and more accessible Many organizations have isolated and centralized identity management systems, but the current landscape demands federation and single sign-on (SSO). These systems make identity management, protection and verification very cumbersome, costly and risky for industry enterprises and government agencies. Blockchain has the potential to introduce improvements that can make security more accessible and budget friendly. With smart contract capabilities, there can even be a secondary market where users benefit from sharing resources back to the network. Smart contracts automatically execute pieces of code carrying valuable data or performing other condition-based executions. A permissioned blockchain technology provides core capabilities that enable a trusted digital identity network to build and operate the following: A shared, append-only ledger, with one version of the facts shared across all permissioned network participants in real time. Smart contracts that ensure verifiable and signed business logic is executed in each transaction. Trust between known participants, to verify transactions and ensure records are valid. Privacy and security measures that grant access only to permissioned parties. Cybersecurity – Access Management Report 2018 This two-volume report provides coverage in several key areas of the identity and access management market, including access management and identity governance and administration. It provides detailed analysis of individual vertical markets from market-specific operating models to key trends and development opportunities.

Lower storage spend Organizations are keeping as much as 40% of their inactive data on their most expensive infrastructure. With unstructured video growing exponentially, fueled by the rise of new video surveillance programs, one can’t afford to have this kind of inefficiency. The solution is to adopt a multi-tier storage system that automatically migrates the video to the most cost efficient tiers of storage. Whether that’s high-performance disk storage, object-based storage or high-capacity primary storage, file-based tape or the cloud – the organization can cost-effectively store data based on various policy requirements. Easy, immediate access Finding a file in the system should be no more difficult than finding a document on a C: drive.           Quantum’s solution for video surveillance is a single file system, built specifically for video applications. On the backend, retention and access policies can be set to handle data migration and simplify organization and file recall. High performance Storage performance that performs inefficiently prevents companies from capturing usable data. Quantum’s StorNext software retains data cost-effectively, supports complex video management systems and analytic applications, and ingests video from 4 times as many cameras per server to deliver time-to-decision results, allowing proactive protection and crime prevention. Quantum’s storage infrastructure not only handles this sheer volume of data with ease, but also delivers streaming performance regardless of whether it’s on disk, tape, or in the cloud. Scale with storage needs The ability to seamlessly integrate more sources of information into modern analytical tools is becoming more important, as is the capacity to scale and accommodate increased camera and sensor counts, panoramic coverage and higher image resolution. As more cameras are added, image resolutions increase and retention times become longer, Quantum’s solution can scale to handle the need for more capacity. Compliant with current infrastructure Quantum’s storage solutions support all major platforms, operating systems and networks, and      integrate seamlessly with VMS and other systems. This enables security professionals to integrate the solution into their existing infrastructure without being locked into a  single vendor or platform as well as to configure the file interface to receive input from a variety of devices and systems. No trade-off necessary To gain more insight and an increased return on investment from video surveillance data, a storage solution must balance high performance, high capacity and high retention. These three parameters can be flexed to provide the best trade-off between budget and mission whilst minimizing sacrifice of redundancy, accessibility or scalability. Gateway storage architecture Upgrading storage capabilities while also satisfying budgetary restrictions is a challenging part of building a comprehensive storage infrastructure. Instead of replacing the pre-existing storage system, why not build onto it? Artico™ offers an easy, nondisruptive choice for adding Quantum tape, FlexTier™, and Lattus™ scale-out storage to an existing security environment. Quantum’s StorNext platform is a policy-driven tiering software, allowing users to extend primary storage with scalable, more cost-effective tiers of storage. Our multi-tier solution is ideal for security and surveillance organizations with large amounts of video dealing with the challenges that come with scaling storage with your data growth. End users can set up policies to automatically migrate data across tiers, utilizing less costly types of storages like file-based tape and cloud, thus delivering the total capacity needed more cost effectively.  

Do you know how to protect your webcam from being hacked? Would you know if a cybercriminal was using your printer to carry out cyberattacks? While most of us are aware of the dangers that cybercriminals can pose to our computers and mobile phones and take steps to protect them, we seldom consider how these threats can affect the growing number of Internet vc connected devices we use in our daily lives. The ‘Internet of Things’ All devices which can connect to the Internet – collectively called the ‘Internet of Things’ or IoT – are potentially at risk of a cyberattack. Everyday personal items like video cameras, refrigerators and televisions can be used by cybercriminals for malicious means. Cyberattacks targeting or using IoT devices have increased significantly in the past two years, according to several reports from the private cybersecurity industry. An example was the Mirai botnet, which in 2016 infected tens of thousands of devices, mostly Internet routers, with weak password security. These were then used in coordinated distributed denial of service (DDoS) attacks against websites worldwide including a university and several media sites. In the world of cybercrime, the number of IoT devices a criminal has access to is seen as a sign of their status. Although police around the world are developing the skills necessary to forensically examine computers and mobile phones, they are often not aware of how to collect evidence from other connected devices. The latest edition of the INTERPOL Digital Security Challenge tackled this threat, with 43 cybercrime investigators and digital forensics experts from 23 countries investigating a simulated cyberattack on a bank launched through an IoT device. “Cybercrime investigations are becoming more and more complex and operational exercises such as the Digital Security Challenge, which simulate some of the hurdles that investigators face every day, are vital for the development of our capacities,” said Peter Goldgruber, Secretary General of the Austrian Ministry of the Interior. Meeting the challenge I n the scenario, cybercriminals attacked a bank in an attempt to steal large sums of money. The investigators analysed the bank’s computers to identify the date, time and files where the malware installed by the criminals. Through this digital forensic examination, the teams discovered the malware was contained in an e-mail attachment sent via a webcam which had been hacked, and not directly from a computer. This is an emerging modus operandi, as it is more difficult to identify the source of the attack. Once the teams accessed the digital data held by the compromised webcam, they identified the command and control server being used to remotely control the device to conduct the cyberattack. Further evidence led to the identification of a second command and control server, and the investigators identified technical vulnerabilities of the servers which could be used to prevent further attacks. Noboru Nakatani, Executive Director of the INTERPOL Global Complex for Innovation said the scenario provided a learning experience on how to conduct real-world investigations more effectively. “The ever-changing world of cybercrime is constantly presenting new challenges for law enforcement, but we cannot successfully counter them by working in isolation. “A multi-stakeholder approach which engages the expertise of the private sector is essential for anticipating new threats and ensuring police have access to the technology and knowledge necessary to detect and investigate cyberattacks,” said Mr Nakatani.   Tips for safeguarding IoT devices: Change the factory default passwords – these can be the same for hundreds or thousands of devices, making it easy for criminals to hack; Regularly update all software; Disable features which allow the device to be accessed remotely; Take extra care when buying used devices – you don’t know what the previous owner installed on the device.   Sharing expertise Conducted annually, INTERPOL’s Digital Security Challenge helps police worldwide develop the skills necessary to tackle the latest cybercrime threats. The first two events in 2016 and 2017 simulated cyber blackmail involving bitcoin and a ransomware attack. This year’s three-day (19-21 February) event was organized in close I n the Americas, hurricanes, tornadoes and earthquakes are occurring more frequently, so unimpeded mass communication during these events is critical. MNS software is often employed so companies can communicate with their employees, federal agencies, university students and the general public. More channels of communication available in these types of events, means more people can reach safety faster and more lives can be saved. In Western Europe, the second-largest market for MNS software, weather-related incidents occur less often, How Catastrophic Events are Changing Mass-Notification System Market By Robert Brooks – Analyst, Security and Building Technologies, IHS Markit cooperation with the INTERPOL National Central Bureau in Vienna and private sector partners NEC Corporation and Cyber Defense Institute. “NEC has contributed as a strategic partner to INTERPOL’s commitment to improve the cybersecurity skills of investigators throughout the world. For the third year, NEC is honored to have helped develop the Digital Security Challenge by providing our expertise at this cutting-edge event,” said Kozo Matsuo, Vice President of NEC Corporation’s Cyber Security Strategy Division.’ Training sessions to develop participants’ practical knowledge on IoT device analysis and the latest trends in malware-related crime were delivered by specialists from NEC Corporation, InfoSec, Meiya Pico, SECOM, Kaspersky Lab and Trendso the need for MNS software is lower than in the Americas. While individual countries might deal with specific weather threats – like blizzards and freezes in Sweden and flooding in the UK – in 2017 the United States alone experienced four major hurricanes. Mass-notification system (MNS) software used in emergency communication, the primary segment used during a catastrophic event, is expected to grow in the Americas at a compound annual growth rate (CAGR) of 6.8 percent from 2017 to 2021, reaching $293.1 million in 2021. Micro. Support was also provided by the UN Office on Drugs and Crime (UNODC). Kenji Hironaka, President of Cyber Defense Institute said, “We are proud to have provided forensic content and technical support during all three INTERPOL Digital Security Challenge events. We will…