Category: White Paper

Genetec Stratocast™ is a cloud-based video monitoring system that makes the adoption of network video security solutions easy and allows you to connect to your business wherever you go. Using the Microsoft Windows Azure cloud-computing platform, Stratocast eliminates the need for on-site servers. As a result, installation time is reduced and you can begin monitoring your premises quickly. Using video surveillance equipment such as IP (Internet Protocol) cameras or analog cameras, you can record video on your edge recording video unit or in the Stratocast cloud. If recording on your video unit, the video is recorded continuously, whereas if recording in the Stratocast cloud, you can choose to record either continuously or only when motion is detected. From your laptop, tablet, or smartphone, you can then watch live and recorded video that is safely stored in the cloud. In addition, through Genetec Federation™, Security Center users can view and control all Stratocast cameras from their local installation of security desk. The starting diagram illustrates how Stratocast works to keep you connected to your business, wherever you go. Security is crucial for us at every level of development and operations. Based on industry best practices, our engineers embed security standards into the development lifecycle and operations. This white paper focuses on the cloud architecture and the operational security of the platform as well as the security capabilities of the customer portal. The video and camera security of Stratocast are also discussed. Cloud architecture Stratocast is deployed on the Microsoft Azure cloud platform. This platform, with its industry-recognized security, securely stores data that our customers entrust us with. Microsoft Azure has been audited against SOC 1, SOC 2, and SOC 3 standards. Audits are conducted in accordance with SSAE 16 and ISAE 3402 standards. Certifications are regularly updated and can be provided. Stratocast and Azure are also compliant with ISO 27001:2013. The service architecture is built for high availability and scalability, allowing customers to enroll and record as many cameras as needed without impacting the service. There are no constraints limiting the maximum amount of data that can be stored in Azure, as data centers are provisioned with enough capacity to ensure that they meet growing demand. This architecture, coupled with the robustness of the underlying Microsoft Azure Cloud, allows Genetec to provide a 99.5% SLA. Security controls Stratocast and Azure adhere to a rigorous set of security controls that govern operations and support. Genetec and Microsoft deploy a combination of preventive, defensive, and reactive controls including the following mechanisms to help protect against an unauthorized developer and/or administrative activity: Tight access controls, including a mandatory two-factor authentication. Combinations of controls that enhance independent detection of malicious activity. Multiple levels of monitoring, logging, and reporting. Security reports are used to monitor access patterns and to proactively identify and mitigate potential threats. Microsoft administrative operations, including system access, are logged to provide an audit trail if unauthorized or accidental changes are made. Automatic patching of the operating systems and applications running in the cloud. Additionally, the Genetec and Microsoft teams conduct background verification checks of certain operations personnel and limit access to applications, systems, and network infrastructure based on the level of background verification. High availability Azure facilities are designed to run 24x7x365 and employ various measures to help protect operations from power failure, physical intrusion, and network outages. These datacenters comply with industry standards for physical security and availability. They are managed, monitored, and administered by Microsoft operations personnel. Redundancy Stratocast video is stored in triplicate, within the same datacenter, ensuring the redundancy of critical data and mitigating the impact of hardware failure. Control of data location Knowing and controlling the location of an organization’s data can be an important element of data privacy, compliance and governance. Customers can specify the geographic area where their recordings are stored. Through this approach, recordings are replicated within a defined region for redundancy but are not transmitted outside the customer’s desired geographic boundaries. Operational security As a trusted provider of security solutions for a considerable number of government agencies and high-profile public and private organizations worldwide, we take compliance with local regulations very seriously. This, of course, includes the laws pertaining to data security and protection of privacy in the regions where we sell our products and services. Additionally, to ensure that all customer data is stored and used in an appropriate and secure manner, Stratocast is certified with the ISO 27001:2013 information security standard. The ISO 27001 standard is a framework of policies and procedures including legal, physical, and technical controls that address cyber security risks. These policies and procedures are part of the Information Security Management System (ISMS) at Genetec, that has been audited and certified by the ISO organization. Below is an excerpt of some of the relevant portions of it. Secure development policy Genetec is conscious that security is something that has to be embedded in the development practices and not something that can be added after the fact. Consequently, the Stratocast software development lifecycle (SDL) includes specific activities, pertaining to cyber security, that have to be completed in order to release each new version of Stratocast. These activities are defined in the secure development policy and include – secure design review performed on a periodic basis, manual or automated security testing, and penetration testing performed by a 3rd party auditor. Incident management & disaster recovery I t can be challenging to react appropriately to a cyber security incident when it happens, if nothing has been prepared for it beforehand. To avoid this, we have instilled a well-established incident management plan describing appropriate responses. This includes among others – the criteria defining the severity of an incident, the roles and responsibilities of each stakeholder involved in the management of that incident, the incident lifecycle, and the service level objectives. In a similar fashion, it’s best practice to establish a disaster recovery plan in the event of external service outages. Stratocast has a well thought out plan that reduces any negative…

Given the current Covid-19 pandemic, thermal cameras are receiving increasingly more interest. It is a natural idea to utilize a thermal camera to detect elevated body temperatures. Right now, the Internet is full of information on the subject (including brand new companies), but it’s difficult to understand what is real, what is wishful thinking and what is exaggeration. At Eagle Eye Networks we have purchased a number of thermal cameras and have run a series of tests to determine what is practical with today’s technology. This document details some of the testing we have done and some of our conclusions. We do not claim that our testing is comprehensive or perfect, but we hope, that in sharing it, we can help. This document focuses on the application of thermal cameras to read human body temperature. However, it is important to note, that before the Covid-19 pandemic, thermal cameras, at least as it relates to video surveillance, were primarily used for detecting perimeter breaches. This use case does not require the same level of precision that a thermal camera detecting an elevated body temperature requires. Therefore, typical general-purpose thermal cameras in the market have an accuracy of +/- 5 degrees Fahrenheit, which is not accurate enough to detect elevated body temperatures. It’s also important to note that elevated temperature screening is not screening for coronavirus or for any other illness. In fact, some people who have a virus or illness may not have an elevated body temperature. Additionally, the majority of thermal cameras are not approved for medical use or approved by the FDA, but they may be well suited to provide an initial reading to allow appropriate personnel to perform follow up evaluation and potential diagnosis. Executive summary Thermal cameras can be used to detect elevated temperatures in humans under the right conditions. Creating those conditions can be challenging, but it’s not impossible or impractical. Our experience in testing has shown that the preferred solution includes cooperative subjects and limits measurement to a small number of people simultaneously. Given appropriate conditions we have tested cameras and found they consistently report temperatures within +/- 0.7 degrees Fahrenheit of measurements taken with a traditional thermometer. System components There are various systems in the market place; however, most cameras that are connected to a traditional surveillance system include these: Camera – Thermal and Visible Spectrum. Thermal Calibration Unit (blackbody). Recording System/ Video Management System. Local Display Device (optional). Cameras Some of the more advanced thermal cameras are effectively two cameras in a single housing, these are known by several different names – dual spectrum and bi-spectrum are the most common names. The image below (Figure 1) is a dual spectrum camera from Sunell that was designed to resemble a panda bear. This was originally deployed in Chinese schools where children would look at it as they entered. Each camera produces a video stream, the visible spectrum camera works like most typical surveillance cameras. The thermal camera produces an image that is a visual representation of the different temperatures it has detected. These images can be either in grayscale or in color. Most cameras have several visual choices for how to represent the thermal data. The images above (Figure 2) are from a dual spectrum thermal camera connected to the Eagle Eye Cloud VMS. This is a traditional video surveillance dual spectrum thermal camera, not a camera used to detect elevated body temperatures. There are a few things to note about the images. One is that the field of view is different. The visible camera can capture a wider field of view than the thermal camera. The visible camera has two vehicles in the field of view while the thermal camera only has one. The visible camera captures the street at the top of the image, while the thermal camera does not. The difference in camera field of view is quite common. Also, the thermal camera has a much lower resolution. The figures appear more ‘blocky.’ Thermal cameras today are generally much lower resolution than visible spectrum cameras.   Thermal calibration unit A thermal calibration unit, sometimes referred to as a blackbody, is a device that maintains a specific temperature and does not reflect any energy from the surroundings. It is used as a constant point of reference for the thermal camera. Not all thermal cameras require a calibration unit, but many can make use of them if they are present. A calibration unit requires electrical power, but is not wired to the camera or the VMS/ recorder. It is manually set at a prescribed temperature, and the thermal cameras are configured based on that temperature. Thermal calibration units are typically used when more precise temperature readings are required such as in elevated temperature screening. Some suppliers include a thermal calibration unit with the sale of the camera, but most do not. Calibration units are generally not present for most cameras connected to a video surveillance system. Many security industry personnel are not familiar with thermal calibration units or their use. Recording system/ video management system The cameras are generally connected to a recorder. For this discussion we utilized the Eagle Eye Cloud VMS with its enhancements for support of elevated temperature screening. The cameras are connected to an Eagle Eye Bridge. As shown above (figure 2), The Eagle Eye VMS records both the visible spectrum camera as well as the thermal camera. Additionally, Eagle Eye VMS captures the temperature measurement data that the camera generates. This means that the temperature is associated with specific to me, so searches can be performed based on the temperature, time or person. Notifications can be generated if the temperature is outside of a specified range. In other words, if the temperature is too high, a notification can be made. The notifications can be delivered via various methods, but the most common is via email. Typical notifications will have an image of the person, the temperature detected, as well as name and location of the camera that…

  INTRODUCTION Scope and purpose of this white paper The scope of this white paper is the security for embedded electronic systems and IoT systems, which are generally based on programmable microcontrollers. Examples are electronic consumer and industrial devices, IoT sensors, medical devices. The purpose is to stress the fact that although security countermeasures are necessary to protect embedded systems and IoT systems, they are unfortunately not sufficient to avoid surface attacks. Embedded systems and IoT systems are more and more exposed to a wider range of new security threats, and this trend will very probably accelerate. To prevent damages from security attacks, companies are taking measures to protect their assets, including more specifically their software IP. Unfortunately, in ecosystems where the supply chain is getting more complex, it is frequent that the ones deciding the security levels are not the ones that will be accountable for their choices. Even when security measures have been duly selected and implemented, facts are showing that there are still some underlying vulnerabilities. On average, security experts will break security of more than 80% of implementations during their evaluation phase, for multiple reasons: Security attacks are getting easier to set-up, even by players who have limited technical skills and could use tools available on the web. It costs just a few dollars to launch massive DDoS attacks capable of generating up to 300Gb/s. Security countermeasures have their own limitations, and having an overreliance on those countermeasures could lead to potential hidden security risks. Security implementation matters. Technical challenges in implementing security could potentially lead to vulnerabilities exploited by hackers. A good approach is to do a formal security evaluation with security experts. However, before taking this path, it will be efficient and cost effective to have a second view with a deeper dive into security. In most cases, it will highlight some vulnerabilities and will provide useful guidelines to improve the resistance of embedded systems against security attacks. In this whitepaper, we will: Describe the most frequently used security countermeasures. Review the limitations of these countermeasures and explain why a deeper dive is recommended. Share the views from our security experts. The benefit of this deeper dive is to reduce exposure to security attacks without having to reconsider the whole security approach. Security principles Basic principles It is widely accepted that security must rely on 3 basic principles: Security by design (and not after the facts). End to end security (at OT and IT levels). Security all along the product life. The last one is equally important compared to the first two. We observe that several electronic industries are getting conscious about the security by design and end to end security, and are not considering the importance of security all along the product life. For instance, having a secure mechanism for firmware update over the air (OTA) will prevent a lot of security breaches. Deeper dive I t would be great if a simple application of those basic principles will be enough to counter any potential security attack. Facts are showing that even by applying those principles, there are still remaining vulnerabilities exploited by hackers. Embedded systems are all different and have their own specificities; on the other side, security requirements vary considerably depending on market, applications or risk management policies. Considering that security must be scalable, and that no security scheme fits all, we recommend a deeper dive into security to ensure that the security schemes have been implemented in adequation with the system architecture. A strong security scheme which has not been properly implemented is simply useless. We will explain in this white paper the reasons why these basic security principles are necessary and not sufficient. Disclaimer The information in this white paper provides general information and guidance about cybersecurity; it is not intended as legal advice nor should you consider it as such. WHY DOES A DEEPER DIVE INTO SECURITY MAKE SENSE? Security attacks on embedded systems are getting more frequent There are several reasons that could explain why embedded and IoT systems are getting more vulnerable to security attacks: Systems complexity Embedded and IoT systems are becoming more and more complex due to rich, broad and diverse ecosystems which could be interconnected with each other’s. IoT ecosystems are an illustration of this trend; they include a wider range of technologies like sensors, gateways, networks, clouds with many different standards and limited regulations on security. Limited capacities in devices Many embedded and IoT systems are based on programmable microcontrollers with limitations in processing power and memory storage. Several security countermeasures have not been designed based on those limitations. As a result, they require compromising between security and performance, and most of the time the decision is in favor of the last one. Human errors are always possible The development of new technologies is accelerating, and we do not have enough background of previous threats to know enough about failures in protection. This is leading to an increase of human errors in life of a product – at the design stage, at manufacturing stage and during the implementation of security. Time to market and costs Generally, manufacturers shorten the launch time of products, putting higher priorities on volume of sales, and not always considering fundamental security best practices such as security by design. Security is often seen as an additional cost; this is why, in order to reduce costs, manufacturing companies are also limiting or ignoring security features in their devices. The result would be equipment that can never provide adequate protection. Any countermeasure has its own limitations Deciding a security strategy often means making compromises between risk, cost and time – the easier approach is to rely on legacy security mechanisms proposed by silicon and IP vendors, network providers or other third parties in the value chain. The issue with this approach is that there is no ‘one size fits all’ security solution that can protect any embedded system. The characteristics of each system is different and should be considered…

With the increased prevalence of  IP-based video surveillance systems on the market, and the growing adoption of higher resolution HD and megapixel cameras, organizations and system integrators must take into account how implementing these systems can impact their network resources. Without realistic system design considerations, organizations can risk significant network and storage cost overruns while also compromising the reliability of their network to support applications that are critical to their business operations. By implementing an advanced video management system (VMS), an organization can effectively manage video streams on their network using built-in camera and software functionalities to optimize network resources and bandwidth consumption. With such optimizations, a VMS will also help to decrease networking and storage costs over the lifetime of a video surveillance system. Challenges For organizations choosing to implement or expand an IP video surveillance system, the ability to efficiently manage video streams and storage is crucial to ensure the best use of the network and reduce costs associated with deploying and operating the system. While organizations continue to benefit from greater network speeds and capacity, the use of IP-based video systems can generate a significant increase in the amount of data traveling on their network as a result of: Deploying high-definition and megapixel cameras, Additional cameras to address a need for coverage across Larger areas, Increases to the number of users accessing video, Recording and maintaining redundant video recordings, Transferring video from one site to another to maintain long-term orcentralized recordings. When planning and designing an IP video surveillance system, an organization must take into account the unique aspects of its security environment and its business operations in order to ensure the reliable transmission of video and avoid overloading available network resources. For example, certain deployments will require greater flexibility to manage video streams and bandwidth due to their complex nature,further driving the need for advanced video management capabilities. These scenarios can include: Distributed sites requiring operators to connect to remote cameras, Cameras connected to networks with limited bandwidth such as DSL, wireless, or cellular, Sharing bandwidth with other operation-critical applications because video is not the top priority for the business. It is equally important for organizations to realize that optimizing the use of network resources does not necessarily require large capital investments but is more a matter of putting the right solutions in place. With bandwidth and storage representing important ongoing costs of operating an IP system, organization scan significantly reduce the Total Cost of Ownership (TCO) of their video surveillance system by investing in solutions that allow them to optimize their use of bandwidth and storage based on the requirements of their application. This white paper will focus on those unique and powerful capabilities that one should look for in a VMS in order to optimize the use of network resources and reduce the costs associated with operating an IP-based surveillance system. Optimizing network resource utilization VMS applications allow an organization to manage its security infrastructure including video cameras, encoders, and recording servers, within the unique context of the organization’s deployment. The effectiveness of the VMS will depend on its ability to handle the demands of the operating environment, whether those demands include deploying a system in sites with limited bandwidth, monitoring cameras across distributed locations, or ensuring that multiple operators can access necessary video streams in the case of an incident, regardless of the number of concurrent requests. Although system administrators will intuitively manage video quality settings and define recording settings and schedules, addressing the needs of a specific security department can require manual intervention and adjustment. While most VMS applications support these features, some VMS applications also support powerful functionalities and technologies that serve to further reduce the total cost of operating an IP video system. In fact, organizations can deploy a surveillance system that operates with greater efficiency on their network by choosing a VMS application that supports the following capabilities: End-to-end multicast transmission, Stream redirection and multicast-to-unicast conversion, Multi-streaming, Video caching, Archive transfer. By leveraging some or all of these capabilities, organizations can significantly reduce the number of servers required to manage and store video, reduce their network bandwidth requirements, and reliably scale their system while minimizing their investment in new infrastructure. A. Video stream transmission: unicast and multicast I n IP video surveillance, unicast and multicast are the two most commonly used methods to transmit video from cameras to client workstations. While all VMS platforms can configure unicast, only a few also offer multicast transmission, and, among these, even fewer support end-to-end multicast that provides communication from the edge device (IP cameras and encoders) to the workstation. Though many VMS platforms may claim multicast support, the majority will only provide limited support for multicast transmission between the recording server and the client station, and require multicast to be set for all cameras on the server, or even implemented system wide. It is important for organizations to consider that certain VMS provide far greater flexibility with regards to transmission, in order to implement the best design for their application. This includes the ability to set up cameras per select network branch or per viewer and the ability to automatically detect the ideal transmission method for different segments of the network, thereby allowing organizations to optimize the performance of their video surveillance system and minimize the network resources that are required. i. Unicast overview Unicast is usually done in TCP or UDP and requires a direct connection between the source and the destination. Unicast only works if the source has the capability to accept concurrent connections when multiple destinations want to view or record the same video at the same time. In IP video surveillance, unicast involves a camera streaming as many copies of the video feed as are requested by the destinations, so a 6 Mbps video stream that is requested by three operators will produce a transmission of 18 Mbps of data across multiple network segments (6 Mbps per stream x 3 requests = a total of 18 Mbps). This…

Around the world, governments are responding to the unprecedented circumstances related to the coronavirus (COVID-19) epidemic. In many countries and regions, authorities have placed restrictions on their citizens movements and have increased guidance on the basic hygiene required to reduce the spread of the virus. The primary aim of this activity is to reduce the reproduction number (Ro ) of COVID-19 by limiting contact between groups of people as much as possible. Similarly, many government and healthcare authorities have provided guidance on the key symptoms associated with the disease. One of the key symptoms is an increased body temperature or fever. How can thermal cameras help? There are several activities and approaches being applied to help reduce the reproduction rate of COVID-19. These include self-isolation methods such as working from home, improved basic hygiene such as increased hand washing and the deployment of personal protective equipment (PPE) to reduce the prospect of infection. Similarly, when symptoms appear there is clear guidance on what to do next. Primarily this involves limiting social contact through self-isolation for up to 14 days. Medical professionals should be contacted digitally if symptoms persist or deteriorate. Ultimately, prior to any vaccine being available, the fight against COVID-19 is being led by the ability to detect symptoms and isolate people suspected of an infection. This is a combined effort between different key workers and technology applications. Thermal cameras can play a part in this coordinated approach. These cameras provide thermal imaging for body temperature solutions which can quickly and accurately identify people with elevated body temperatures, one of the key symptoms of COVID-19. These solutions can provide organizations with an additional layer of protection to their facility from increased exposure to the coronavirus. Organizations can then decide how best to deploy this information based on region, culture and the critical nature of the facility. In some circumstances a security officer may ask the person to scan their temperature using a medically approved sensor. In others, the person may be denied access to the facility. Ultimately, it is a decision for each organization on how best to deploy the solution. Thermal body temperature solutions An important distinction to make in the overall societal response to COVID-19 is that body temperature solutions are not a medical solution. They cannot identify the virus and they do not protect organizations or individuals from catching the virus. Thermal body temperature solutions are a tool that can support the identification of a key symptom of the disease. They can help organizations identify people showing these symptoms, but they do not diagnose or treat COVID-19. However, this does not mean that thermal body temperature solutions do not add value in the overall response. In fact, they provide a non-invasive method to check body temperature, can do this at faster rates than hand-held scanners and at a greater (potentially safer) distance. The deployment of these solutions in a facility may even encourage positive behaviour with staff more likely to stay at home when they are unwell with a fever. Thermal body temperature solutions require, at a minimum, a radiometric thermal camera to measure temperature differences in people entering the field of view. More advanced solutions will use blackbody devices to help calibrate the temperature measurement, especially in less controlled environments where the elements can influence the reading. AI (artificial intelligence) algorithms can also be integrated to help target the temperature reading on the most accurate part of the body, typically the forehead or near the eyes. The blackbody calibration tool consists of a target object whose temperature is precisely known and controlled. Specifically, this is important in human temperature measurement where accuracy to +/- 0.3 degrees Celsius is advised by many international standards organizations. By deploying the blackbody calibration tool, it is easier to establish an accurate relationship between gray level and temperature. Essentially there is known, fixed temperature object in the field of view which can be used to calibrate and measure all other objects’ temperatures. Using this method, false temperature alarms caused by environmental influence can be effectively reduced, and the accuracy of the thermal body temperature solution can be controlled to more precise parameters. However, monitoring accuracy does depend on the stability of the body temperature and it is recommended to install the system in a stable environmental condition to ensure that the skin temperature is stable. The emergence of AI technology, and specifically face detection algorithms, will play an important role in the evolution of these solutions too. Algorithms can help complete more accurate temperature tests. Cameras can do this by locating specific areas of the face such as the forehead or eyes, more accurately. This could be critical in the case of people wearing masks. Combining thermal cameras and facial detection can enable thermal body temperature solutions to combine accurate temperature scanning with the best face location to take the measurement from, improving the overall measurement accuracy. It should also be noted that the facial detection, as opposed to recognition, is used to improve the accuracy of the solution with better positioning of the measuring point on the face. It is not used to detect specific individuals and does not break privacy compliances (such as GDPR). While there remain challenges to the effectiveness of thermal imaging cameras for measuring human body temperature in public areas, especially when face masks are commonplace, the introduction of facial detection and AI can improve the accuracy of temperature scanning. Managing expectations for use Comparisons can be made between the current stage of the market for thermal body temperature solutions and another physical security technology – video analytics. Here, the expectation level for object detection or activity tracking algorithms was extremely high. The expectation was that video analytics would be near 100 percent accurate in spotting, identifying and tracking objects through the field of vision. However, analytics would sometimes misunderstand a scene, potentially alerting to the same object multiple times or mis-allocating an object – essentially false alerts. The reality was that these solutions…

Businesses are using sensors, Internet of Things (IoT) devices, and surveillance cameras to manage assets and resources more efficiently than ever before. Facial recognition, remote patient monitoring, and wrong-way driver detection are just a few of the advanced, insight-driven technologies seeing greater adoption today. At the center of it all is data, which is continuously being gathered, analyzed and utilized for real-time decision-making. This data collection places a greater workload on the storage systems behind the sensors. Smart solutions are only as good as the data they store, analyze and deliver in a timely manner. This white paper discusses rapid changes in the global data-sphere, the impact of real-time data analysis in safe and smart cities, and the storage best practices that system integrators should implement to improve data flow and insights for customers. Global Data-sphere Evolution Data is in flight all around us and has become an essential part of the human experience. The global market intelligence firm – IDC – forecasts that the global data-sphere will increase from 33 zettabytes in 2018 – where one zettabyte equals to a trillion gigabytes – to 175 zettabytes in 2025. That is by 2025, on an average every connected person in the world will have a digital data engagement over 4900 times per day. This breaks down to about 1 digital engagement every 18 seconds. IDC reports that the number of IoT devices will grow to 80 billion by 2025, and these smart solutions will monitor business processes and enhance everyday life activities. Harnessing the Power of Data Executives are ultimately looking to interpret the data aggregated by IoT devices, sensors and security solutions, and leverage it to improve operations, cost-savings and customer satisfaction. The deployments of cognitive systems such as machine learning, natural language processing and AI that actively analyze this data for proactive decision-making are on the rise. IDC indicates that the amount of analyzed data that is ‘touched’ by cognitive systems will grow by a factor of 100 to 1.4 zettabytes in 2025. The use of cognitive systems is opening the door to new business opportunities and a greater return on investment in all markets. Storage in the Era of AI New enhancements allowing security solutions to be used for business intelligence are driving the demand for data-hungry applications. The increased use of AI systems in security has warranted a shift in recording and storage technologies. Standard surveillance systems primarily recording footage were typically write-only applications. Today surveillance systems with AI have mixed read/ write workloads. Previously, users relied on cloud data centers to manage the unstructured data and analysis. However, this setup often causes latency and delays as all video and metadata must be transferred off-site for analysis. To remedy this issue, storage providers are building AI into video NVR systems and harnessing the power of micro-datacenters so that initial processing, analysis and pattern recognition may occur in real time at the edge. The edge refers to servers and appliances outside of data centers that are located regionally and are closer to endpoints, like surveillance cameras and sensors, where the data is first captured. Development of AI-enabled NVRs and edge computing devices is driven by cheaper graphics processing units (GPU) with enhanced analysis capabilities, as well as better storage options. In particular, new hard disk drives with fast writing data speeds, high read performance, and support for both AI and video workloads have become attractive solutions for system integrators. Innovation in telecommunications with 5G, advanced sensors and intelligent surveillance cameras are also driving the evolution of surveillance beyond traditional security for AI applications. After the initial video ingestion and analytics at the edge, video is pushed to the back end or cloud. In this centralized environment, video and AI metadata are consolidated for deep learning activities to train the system to be more predictive and provide a more holistic view of the video data collected. In the past, users primarily used cloud storage to satisfy legal and corporate retention policies; however, that has since changed. Data no longer languishes in the back end to eventually be discarded. Now data in the cloud is used to bring predictive power and intelligence for better decision-making like never before. Ultimately, implementing robust storage solutions from edge to cloud enables smarter surveillance systems over time through AI training and rapid insights for command center operators to quickly respond to time-sensitive scenarios. Biggest Impact: Safe and Smart Cities The development of safe and smart cities continues to be one of the sectors where surveillance systems and data will have the greatest impact. Research firm IHS Markit indicates that the global market for city surveillance exceeded $3 billion in 2017 and is expected to increase each year by 14.6% from 2016 through 2021. IHS reports that China is one of the strongest adopters of safe city surveillance technologies. SMART CITY SECTORS Beyond citywide surveillance, smart cameras, IoT sensors, and edge computing devices with AI are being deployed in smart cities to equip businesses and citizens with data that can enhance the urban experience. IHS Markit predicts that there will be at least 88 smart cities worldwide, a substantial increase from 21 cities in 2013. The collection and delivery of data is the crux of the smart cities operation. Here are three segments within smart cities where organizations are using data to address urban woes. HEALTHY LIVING AND SAFETY Data captured by IoT devices and video are utilized to not only improve the quality of healthcare, but also the kind of preventative measures implemented to ensure a healthier population. In hospitals, IoT sensors and video devices enable re mote patient monitoring, providing real-time alerts of blood pressure and other body indicators to staff who can intervene before a situation escalates to a crisis. The end result is lower mortality rates. When it comes to preventive health measures, advanced IoT devices and video solutions are employed for air quality monitoring, alerting sensitive groups to potentially dangerous conditions. Population health programs are using data collection…

See no evil, block no evil Imagine if one could see deep into the future, and way back into the past – both at the same time. Imagine having visibility of everything that had ever happened and everything that was ever going to happen, everywhere, all at once. And then imagine processing power strong enough to make sense of all this data in every language and in every dimension. Unless you’ve achieved that digital data nirvana (and you haven’t told the rest of us), you’re going to have some unknowns in your world. In the world of security, unknown threats exist outside the enterprise in the form of malicious actors, state-sponsored attacks and malware that moves fast and destroys everything it touches. The unknown exists inside the enterprise in the form of insider threat from rogue employees or careless contractors – which was deemed by 24% of the survey respondents to pose the most serious risk to their organizations. The unknown exists in the form of new devices, new cloud applications and new data. The unknown is what keeps CISOs up at night. This report sheds light on what actions are reaping results in strengthening organizational cyber health. For example, when asked, only 35% confirm that it is easy to determine the scope of a compromise, contain it and remediate from exploits. It suggests that visibility into the unknown clearly is a key challenge. It means 65% of CISOs in the survey have room to improve. 46% said that they have tools in place that enable them to review and provide feedback regarding the capabilities of their security practices. While the good fight is far from over, it’s also far from being all bad news. At least some respondents in the survey seem to be feeling good about their jobs. When asked about cyber fatigue, only 30% of respondents claimed to suffer from cyber fatigue this year. While almost a third seems like a high number to be tapping the mat and raising the white flag, the drop from last year’s figure of 46% is moving in the right direction and this is worth the fight. State of the CISO For some time now, threat hunters have talked about knowing the unknowns. It’s time to expand that to the entire spectrum of cybersecurity – to users, apps, data and clouds. You can’t protect what you can’t see. You generally want to support the business, and not mire it down in bureaucracy. If you’re going to be a bit more open, how are you mitigating control? This is going to be different for everyone. CISOs must deal with that balance of organizational culture while combatting the most critical threats. Sometimes blocking everything and locking everything down doesn’t fit the culture of the enterprise. That might be right for a bank but not for a university. The CISO faces several challenges managing cyber-risk – whatever their organizational model: Breaches create adverse impacts to financial profitability, brand reputation, customer data security, customer satisfaction, and continuity of business. Losses can be substantial and non-recoverable, creating a higher risk score for the organization on insurability. Over the years, vendor point solutions looked promising; however, each generates their own set of alerts. Many point solutions competing on alerts makes it difficult to identify those threats posing the highest risk to the organization, and becomes a resource drain. IT is usually siloed across the organization, making inte gration of securing the network, the cloud, and employee endpoints highly complex. Aggressive tactics to hire security IT personnel are required, as the specialized pool of candidates cannot sustain the magnitude of the problem across global organizations. The talent shortage is, however, out of control and not solvable by trying to fill all jobs. New threats such as Emotet, Olympic Destroyer and others appear daily, even hourly, and are employing more stealth and sophisticated methods. Threat response as a category has to evolve and there is a need for tools to consolidate information and centralize remediation of infections and other incidents. Additional technologies and processes for the CISO to consider are: AI and ML, and used right are essential to triage the volume of work. The cost of a breach is falling – but don’t get too excited yet. There is head room to realize obvious benefits in process improvement e.g., training. There is more confidence in cloud-delivered security and in securing the cloud. 2019 findings The findings from the Benchmark Study revealed several areas that are critical to strengthening organization’s security posture. Set up for success? What does it mean to be a CISO day-by-day? What is their charter? The present survey revealed multiple areas that together determine a organization’s cyber health including being practical about risk, setting criteria for budgeting, collaborating across divisions, educating staff, conducting drills, knowing how to track outcomes to inform investments, and being strategic on vendor and solution implementation. Know your risk Risk management is hardly table stakes. Understanding the risks of cyberattacks and the compliance landscape that encompasses security breaches is paramount to understanding how to defend and prepare for the worst. When asked who were very knowledgeable about risk and compliance, only 80% of respondents were very knowledgeable. That leaves 20% of security professionals who could possibly use some of the discussed trainings. How to spend budget Almost half, or 47% are determining how to control security spending based on organizational security outcome objectives. Measuring outcomes against investments is the best data-driven approach. What’s more, 98% strongly or somewhat agree that their executive team has established clear metrics for assessing the effectiveness of their security program. 49% of respondents have metrics that are utilized by multiple areas of their companies to understand the risk- based decisions and improve processes to measure the security effectiveness throughout the organization. Back to the budget, and aside from outcome based measurement, there are some less healthy options. Controlling security spending on previous years’ budgets (46%) and percent of revenue respectively (42%) were both popular choices,…

Successfully recording video from hundreds of security cameras 24 hours a day, seven days a week without losing a single frame is a very complex challenge. If that wasn’t tough enough, your system also has to allow for future growth and show that it’s reducing your claims and/ or shortening response times. Video surveillance is becoming more and more important as perceived and actual physical security threats increase worldwide. Hardware and solutions proliferate even as budgets have flattened or turned downward. Whether you’ve been a security professional for decades or your IT department just inherited video surveillance, there’s a morass of technologies to wade through to find the right components. This white paper focuses on how to specify video storage, how video is unique in the world, and why systems must be carefully thought out to ensure crucial data isn’t lost. Central to the discussion is a review of the trio of storage technologies – Direct Attached Storage (DAS), Network Attached Storage (NAS), and Storage Area Network (SAN). Before diving into the details of each of these technologies, let us look at some broader considerations to have in mind while writing video surveillance system requirements for your building, complex or campus. Important considerations for building and upgrading surveillance systems You spend hours Googling ‘surveillance systems’ or an entire week at a trade show and easily come away confounded by the plethora of security hardware, software and services. In this first section, we outline the problem and a few considerations to keep in mind while developing the requirements for your physical security system. The conundrum of surveillance Thirty years ago, you simply went out and bought some cameras, coaxial cable and a VCR. Now, all the components are digital. The surveillance conundrum is clear to anyone who follows the news: Threats (real and perceived) are growing. In response, the public, private companies and govern ments are demanding more and better physical security. Surveillance options are growing in number and capability. The growing camera population (with ever higher resolution) is creating a flood of data. Cameras never stop recording and what they ‘see’ must be stored somehow. Despite event-driven spikes, security budgets have generally declined in recent years. A growing demand for surveillance Beyond public security, there’s an ever-growing demand for video surveillance inside and around banks, casinos, school campuses, hospitals, hotels, transportation hubs and highways, railways, harbors, factories, power plants, refineries etc. Of course, many of these systems can serve a dual purpose such as speeding up ferry departures based on traffic conditions, remotely-monitoring trucks as they’re being loaded, or alerting hotel staff of a VIP’s arrival. “With the edge getting smarter, it is the time that the backend Infrastructure gets smarter too. With ML & AI being deployed extensively, data is the ‘new gold’ and its reliability needs to be addressed as well” – Prakash Prabhu Regional Sales Director – SAARC, Pivot3 Analytics: The shift to digital transforms watchers into actors Sci-fi and action films may offer windows into the future of surveillance, but today you can tap into the wealth of information found in the real world. When tied to biometric reads (such as iris scanners) and using behavioral analysis algorithms, video surveillance systems can now monitor numerous real-time scenes and automatically respond with say – a coupon to a shopper who shows interest in a particular shirt, or an alert to unusual activity in a subway station. With automation, human eyes aren’t needed for the mind-numbing task of watching a bank of video monitors. Personnel can instead focus on stopping a bad guy in the act, correcting a problem, anticipating a need, or providing a service. In fact, advanced users are turning their surveillance data from cost centers into cash. Digital equipment and software The shift to digital has also changed the way video surveillance systems are built. Instead of endless ‘home runs’ of coaxial and power cables from a control room to each camera, IP (Internet Protocol) cameras and monitors can be networked just like computers. Cameras can even be powered by the same Ethernet cabling that transmits their video data. Today’s video surveillance systems typically have at least one computer server running video management software (VMS). The VMS enables users to control the cameras and monitors, as well as search archived ‘footage’ in storage. Storage can either be inside the VMS server (as DAS in a NVR) or in a separate storage device on the network (NAS or SAN). Computer processing and storage infrastructure software underlies the VMS application layer, ensuring that all your equipment is working as it should, with little or no administrative burden. You can also run all the software and storage on virtual machines. Ever-improving cameras mean ever-growing data streams Whether you are securing a small office or large factory campus, now that cameras are digital, you’re able to take advantage of Moore’s Law and watch prices droping as sophistication soars. However, a lower price also suggests the temptation of buying more. Better capabilities (like high-definition) offer better detail in a wider range of light conditions. With a 180° or 360° view, one camera can do the work of several analog eyes. For example, the wide angle can enable you to watch an entire parking lot, then pan or zoom electronically to read a license plate or see a face. The downside is such cameras require a huge amount of network bandwidth and storage. As the name suggests, each IP camera has its own IP address and connects to the network with a standard RJ-45 jack. It often has a built-in web server, email client, FTP client and supports Power-over-Ethernet (PoE) standards. As IP cameras become more sophisticated, they’re able to stream to more than one destinations; perform more processing and analytics; and make adjustments for changing environmental conditions (such as rain or fog) and lighting changes; and reduce frame rates if a scene is unchanged (thereby lowering bandwidth and storage loads). System performance is measured in terms of how many…

Cybersecurity is a trending topic in the video surveillance market. As a result of international regulations, companies are assessing the potential security risks of video surveillance systems, deploying crisis management policies and developing mitigation plans for events related to a data breach. Customers desire trustworthy products and vendors are rushing to fill this gap to satisfy the market demand. Multiple vendors are offering a great number of solutions, however the choice and diversification perplexes customers, who often have difficulty identifying the best solution for their needs. In this paper, Videotec puts forward its vision with regard to developing safe products and describes its strategy for cyber security. Introduction Customers are currently overwhelmed by the perpetual advertisement of products related to cyber security. At tradeshows and in sector magazines, multiple products are being promoted as key elements for cybersecurity. Unfortunately, cyber-safe products cannot be marketed with the same strategy as other devices, for example, explosion-proof rated cameras. The key difference is that for threats that do not concern software a set of well-defined and well-documented requirements exist. In general it is possible to universally define safety requirements for installation in special environments such as a drilling rig, a marine vessel or along a railway. For soft ware, similar requirements exist but there is less clarity than with their counterparts when it comes to security. Furthermore, a device’s firmware and video m a n a g e m e n t software (VMS) are updated by each vendor to introduce new features or to fix bugs. Every update may have an impact on the complete video surveillance system reliability. Finally, security researchers continuously identify new issues that may reduce the safety of the system, even if no change is applied to the facilities. Deploying a cyber-secure system is a challenging task under these ever changing conditions. Other aspects of security such as mechanical, electrical or environmental are not subject to similar uncertainty. As an example, designing an explosion-proof system is a well-known process, involving classifying zones, identifying the nature of the explosive elements such as gases or dusts, and deducting the product requirements. During the lifespan of the system, the identified risk sources do not change. Similarly, during installation on a marine vessel, the video surveillance equipment is commissioned and will not change until the entire ship is refurbished. The result of the lack of certainty that characterizes software and the existence of complex standards that have a restricted competent audience is a professional market that is trying to incoherently fill this gap by pursuing certifications and stamps, or by adopting aggressive advertisement strategies, based on over-optimistic promises on product features. Orientation between different cyber-security certification options Several certification options are currently available on the market, and these can be placed in two main groups – System certification and Product certification. As the name suggests, system certification addresses cyber-security at a system level. This group includes ISO27001, NIST SP 800-53 and ISA/ IEC62443-3. In these frameworks, risks related to information management are evaluated across every aspect of the organization – information generated by the devices, storage, access control to the information and physical security to protect data from being stolen from data centers. Since these certifications must be flexible to adapt to a heterogeneity of systems, they define frameworks to perform the system analysis and the assessment of the risks of such systems, but they do not punctually mandate explicit requirements. System certifications delegate the definition of such requirements to the organization willing to achieve the certification. In contrast, product certifications are narrow in scope, targeting a single component subject to certification. A single component can be a camera, a networking switch or video management software. In this category are the EMV standard for credit and debit cards, the UL2900 series and ISO/ IEC 15408, also known as ‘common criteria.’ It is clear that pursuing a system-level certification involves the customer and the integrator installing the video surveillance system. Manufacturers should target product certifications and drive efforts to ease the integration of their products into the frameworks of system-level certification that is being pursued by their customers. Videotec’s strategy for cyber-secure video surveillance systems Videotec started developing its DeLux technology several years ago. At that time, Videotec had a clear vision for its products i.e., developing safe products for all possible tasks – mechanical, electrical, electromagnetic and software – according to current and future security requirements. The mission of the DeLux technology was, and still is, to provide a reliable, safe and future-proof platform that integrates with all products. Sharing a common platform between multiple products is challenging. It requires deep planning of product design to ensure the platform will function perfectly within any product. It also implies that new software releases are compatible with any previously released camera. Thus, every time a new product is released the effort to validate the software increases. Due to this decision, Videotec guarantees that any new security feature and any bug fix will be available to its customers regardless of product age and whether it is still present in the current product catalogue. From the beginning of the DeLux project, two key points were immediately clear. The first point is that software architecture must be flexible enough to guarantee integration into very different products, and at the same time it needs dedicated components that guarantee the un-exploitability of the device. For this reason, the code executed by the device is partitioned into different security domains, making sure that processes that implement the protocol interfaces towards the video management software cannot harm the internal components that accomplish video acquisition, perform compression and constantly monitor the correct function of the unit. The second point that Videotec immediately understood is that ensuring the correct functioning of the software in every device is as important as the software running in just the cameras. For this reason, Videotec started developing internal tools that perform automated testing on the entire set of devices that incorporate the DeLux technology. Every night,…

IHS Markit identified ubiquitous video as one of its top transformative technologies earlier in 2018. In public safety installations, we are observing this concept converge video surveillance and critical communications technologies as personnel embrace the benefits of ubiquitous video. Examples include the latest deep learning video analytics powering insights in safe city installations, a first responder live streaming body worn video to control rooms using the latest mobile broadband networks, or the closer integration and analysis of video data from multiple sources within software applications. In the wider video surveillance industry, demand for professional video surveillance cameras has been growing quickly and is forecast to continue in 2019. It is estimated that less than 10 million surveillance cameras were shipped globally in 2006. This grew to over 100 million in 2016. It is forecast that over 180 million will be shipped in 2019. At the same time, the steep erosion in the average price of cameras and other video surveillance equipment is starting to slow. As a result, IHS Markit is forecasting that the world market will grow at an annual rate of over 8% in 2019. Some regional markets, like India and Latin America will grow much faster. So, what will be the big stories in 2019? Future supply base changes, app stores and use of SaaS in emergency response are just some of the trends discussed in our ninth annual white paper on trends for the year ahead. The predictions on the following are to provide some guidance on opportunities across security technologies. Supply Base Changes in 2019  Supply to the professional video surveillance market has become more concentrated in recent years. The world’s three largest vendors accounted for 17% of market revenues in 2007 and 18% in 2012. In contrast, the top three accounted for 40% in 2017. Despite this, the supply base for professional video surveillance equipment remains much more fragmented than the supply base for many other markets. There are still hundreds of relatively small video surveillance equipment vendors, many of them with a market share much lower than 1%. There have been acquisitions in the past decade. Larger examples include Schneider Electric acquiring Pelco, Hanwha acquiring Samsung Techwin and Canon acquiring Axis Communications. In recent years, many smaller video surveillance software vendors have also been acquired. Examples include Canon acquiring Milestone Systems and Briefcam, OnSSI acquiring SeeTec, Panasonic acquiring Video Insight, and Tyco acquiring Exacq. Recent years have also seen some acquisitions combining video surveillance vendors and vendors of other security technologies. These have included Hikvision acquiring Pyronix and Avigilon being acquired by Motorola. There are likely to be further mergers and acquisitions in 2019 as vendors attempt to challenge the three largest vendors – Hikvision, Dahua, and Axis Communications. However, a spree of large scale mergers and acquisitions is not expected. vendors have themselves largely grown through organic means. The rate at which they have done this has been impressive. None of these companies were among even the ten largest vendors in 2005 and Hikvision and Dahua didn’t yet exist at the turn of the century. This shows just how quickly market shares can change and how quickly new entrants can grow. There have been several new entrants to the professional video surveillance market in recent years (e.g., Motorola, Eagle Eye Networks, Amazon, Huawei). There will be more new entrants in 2019. Perhaps some of them will be among the market leaders of the future.  1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 |  Next ->