×

Addressing the Basics of Cyber Security

01/10/2018 News Articles

Jeff Whitney, VP Marketing, Arecont Vision & Member, SIA Cybersecurity Advisory Board 

Installers & integrators should choose products that provide adequate cybersecurity protection, only using devices that include basic security protection, such as user ID and passwords that can be enable during or after system commissioning.  Passwords are far from perfect, but are an essential first step with most systems.

Password practices should adhere to the current industry standard of up to 16 ASCII characters in length, and vary from device to device.  For large networks, a security password management system is recommended.

Equally important is that the balance between the user experience and cybersecurity protection is not a “one-size-fits-all” solution.  It must be adjusted for the specific requirements of the environment and associated risk.

Products selected should only be from manufacturers who have a demonstrated commitment to cybersecurity awareness, education and protection, and who are supportive of industry efforts and standards. 

A growing number of devices, ranging from tablets and phones, home appliances, security alarms, manufacturing equipment, and even entire buildings are part of the growing IoT infrastructure.  None of these devices should be allowed onto the network without verification that they are cyber-secure to current standards.

It is good policy to separate surveillance systems onto individual, dedicated IP networks or subnets.  Sharing a single network for different systems and purposes increases both performance issues and the risk exposure to cyberattack.  Typically, IT professionals will implement segmentation as a standard practice.

Separate networks or subnets lessen the risk of a breach or cyberattack spreading beyond the targeted system, as well as lessening the risk of QoS (Quality of Service) impact.

‘Air gapping’ segments or entire networks, especially those that do not require Internet access or connection to the wider corporate network on a regular basis, is a good step for cyber protection.

Only use devices that support firmware and security updates.  This is often overlooked for IoT devices.  Any device connected to the network should be regularly checked for new firmware updates, tested and updated, just as IT typically does for devices under its control.

Limit access to systems, data, and infrastructure to those who require it on a regular basis.  A single password for all cameras, or all DVRs, NVRs, data storage, etc., is not secure. Enforce password changes on a regular basis.

Never use default passwords! An increasing number of breaches and cyberattacks are made using default logins.  Security devices are no exception.  Implement a strong password policy and enforce it.

Manufacturers that are serious about cyber protection should have a document strategy for testing and integrating other components of the network infrastructure securely.  A testing and/or certification lab for 3rd party products is a strong indicator that they are serious about cybersecurity.

Regularly scan the network for viruses and malware, as well as for security vulnerabilities.  This basic step is often overlooked for security networks,

Installers and integrators need to ensure that all staff are aware of and education in the risks and challenges of cybersecurity.  Everyone needs basic cybersecurity awareness, and it should be part of staff training and development.

Both IT and security departments should include cybersecurity as part of their regular reviews and assessments of the infrastructure and system.

Mitigation and recovery plans are key.  Having a disaster recovery plan in place for the aftermath of potential cyberattacks shows end users that the system installer or integrator has adopted a responsible approach.

Finally, consider the risk and potential for damage to your company, its partners, and its customers.  It may be that cybersecurity insurance is key to mitigating the financial aspect and liability of such a risk.

Risk levels will vary based upon the environment and organization, and not every application will be appropriate for this type of protection.

Source in page 43: http://flickread.com/edition/PensordFreeLibrary/5a30d704e0c7c/

MessagesTimelineExceptionsViews11RouteQueries4Models22MailsGateSessionRequest
7.4.33PHP Version143msRequest Duration7MBMemory UsageGET news/{slug}Route
    • Booting (77.86ms)
    • Application (64.62ms)
    • 1 x Booting (54.56%)
      77.86ms
      1 x Application (45.28%)
      64.62ms
      11 templates were rendered
      • themes.avc1.single (resources/views/themes/avc1/single.blade.php)2blade
        Params
        0
        post
        1
        categories
      • themes.avc1.layout.master (resources/views/themes/avc1/layout/master.blade.php)10blade
        Params
        0
        obLevel
        1
        __env
        2
        app
        3
        smallsliders
        4
        errors
        5
        post
        6
        categories
        7
        __currentLoopData
        8
        category
        9
        loop
      • themes.avc1.partials.header (resources/views/themes/avc1/partials/header.blade.php)10blade
        Params
        0
        obLevel
        1
        __env
        2
        app
        3
        smallsliders
        4
        errors
        5
        post
        6
        categories
        7
        __currentLoopData
        8
        category
        9
        loop
      • menuheader (resources/views/menuheader.blade.php)2blade
        Params
        0
        items
        1
        options
      • themes.avc1.partials.footer (resources/views/themes/avc1/partials/footer.blade.php)10blade
        Params
        0
        obLevel
        1
        __env
        2
        app
        3
        smallsliders
        4
        errors
        5
        post
        6
        categories
        7
        __currentLoopData
        8
        category
        9
        loop
      • menufooter (resources/views/menufooter.blade.php)2blade
        Params
        0
        items
        1
        options
      • voyager::menu.default (vendor/tcg/voyager/resources/views/menu/default.blade.php)15blade
        Params
        0
        obLevel
        1
        __env
        2
        app
        3
        smallsliders
        4
        errors
        5
        items
        6
        options
        7
        __currentLoopData
        8
        item
        9
        loop
        10
        originalItem
        11
        isActive
        12
        styles
        13
        icon
        14
        alerts
      • voyager::menu.default (vendor/tcg/voyager/resources/views/menu/default.blade.php)15blade
        Params
        0
        obLevel
        1
        __env
        2
        app
        3
        smallsliders
        4
        errors
        5
        items
        6
        options
        7
        __currentLoopData
        8
        item
        9
        loop
        10
        originalItem
        11
        isActive
        12
        styles
        13
        icon
        14
        alerts
      • voyager::menu.default (vendor/tcg/voyager/resources/views/menu/default.blade.php)15blade
        Params
        0
        obLevel
        1
        __env
        2
        app
        3
        smallsliders
        4
        errors
        5
        items
        6
        options
        7
        __currentLoopData
        8
        item
        9
        loop
        10
        originalItem
        11
        isActive
        12
        styles
        13
        icon
        14
        alerts
      • voyager::menu.default (vendor/tcg/voyager/resources/views/menu/default.blade.php)15blade
        Params
        0
        obLevel
        1
        __env
        2
        app
        3
        smallsliders
        4
        errors
        5
        items
        6
        options
        7
        __currentLoopData
        8
        item
        9
        loop
        10
        originalItem
        11
        isActive
        12
        styles
        13
        icon
        14
        alerts
      • themes.avc1.partials.rocket-menu (resources/views/themes/avc1/partials/rocket-menu.blade.php)10blade
        Params
        0
        obLevel
        1
        __env
        2
        app
        3
        smallsliders
        4
        errors
        5
        post
        6
        categories
        7
        __currentLoopData
        8
        category
        9
        loop
      uri
      GET news/{slug}
      middleware
      web
      controller
      App\Http\Controllers\PostsController@show
      namespace
      App\Http\Controllers
      prefix
      where
      file
      app/Http/Controllers/PostsController.php:47-55
      4 statements were executed7.76ms
      avc_staging_db
      • select * from `categories`
        560μs/app/Http/Controllers/PostsController.php:17avc_staging_db
        Metadata
        Backtrace
        • 12. /app/Http/Controllers/PostsController.php:17
        • 14. /vendor/laravel/framework/src/Illuminate/Container/Container.php:843
        • 15. /vendor/laravel/framework/src/Illuminate/Container/Container.php:681
        • 16. /vendor/laravel/framework/src/Illuminate/Foundation/Application.php:785
        • 17. /vendor/laravel/framework/src/Illuminate/Container/Container.php:629
      • select * from `posts` where `slug` = 'addressing-the-basics-of-cyber-security' and `status` = 'PUBLISHED' limit 1
        760μs/app/Http/Controllers/PostsController.php:51avc_staging_db
        Metadata
        Bindings
        • 0. addressing-the-basics-of-cyber-security
        • 1. PUBLISHED
        Backtrace
        • 16. /app/Http/Controllers/PostsController.php:51
        • 19. /vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php:45
        • 20. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:219
        • 21. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:176
        • 22. /vendor/laravel/framework/src/Illuminate/Routing/Router.php:681
      • select * from `categories` where `categories`.`id` = 2 limit 1
        5.88msview::themes.avc1.single:26avc_staging_db
        Metadata
        Bindings
        • 0. 2
        Backtrace
        • 20. view::themes.avc1.single:26
        • 22. /vendor/laravel/framework/src/Illuminate/View/Engines/CompilerEngine.php:59
        • 23. /vendor/laravel/framework/src/Illuminate/View/View.php:143
        • 24. /vendor/laravel/framework/src/Illuminate/View/View.php:126
        • 25. /vendor/laravel/framework/src/Illuminate/View/View.php:91
      • select * from `settings` order by `order` asc
        560μs/vendor/tcg/voyager/src/Voyager.php:238avc_staging_db
        Metadata
        Backtrace
        • 14. /vendor/tcg/voyager/src/Voyager.php:238
        • 15. /vendor/laravel/framework/src/Illuminate/Support/Facades/Facade.php:261
        • 16. /vendor/tcg/voyager/src/Helpers/helpers.php:6
        • 19. /vendor/laravel/framework/src/Illuminate/View/Engines/CompilerEngine.php:59
        • 20. /vendor/laravel/framework/src/Illuminate/View/View.php:143
      TCG\Voyager\Models\Setting
      20
      App\Category
      1
      App\Post
      1
          _token
          yBdA0xCnhzqqRtnHU4DzayWfdRuaIfRJkJdc0r1k
          _previous
          array:1 [ "url" => "https://avcstaging.arecontvisioncostar.com/news/addressing-the-basics-of-cyber...
          _flash
          array:2 [ "old" => [] "new" => [] ]
          PHPDEBUGBAR_STACK_DATA
          []
          path_info
          /news/addressing-the-basics-of-cyber-security
          status_code
          200
          status_text
          OK
          format
          html
          content_type
          text/html; charset=UTF-8
          request_query
          []
          request_request
          []
          request_headers
            0 of 0   
          array:24 [
  "cf-ipcountry" => array:1 [
    0 => "US"
  ]
  "cf-connecting-ip" => array:1 [
    0 => "18.190.207.149"
  ]
  "cdn-loop" => array:1 [
    0 => "cloudflare; loops=1"
  ]
  "sec-fetch-site" => array:1 [
    0 => "none"
  ]
  "accept" => array:1 [
    0 => "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"
  ]
  "user-agent" => array:1 [
    0 => "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
  ]
  "upgrade-insecure-requests" => array:1 [
    0 => "1"
  ]
  "sec-ch-ua-platform" => array:1 [
    0 => ""Windows""
  ]
  "sec-ch-ua-mobile" => array:1 [
    0 => "?0"
  ]
  "sec-ch-ua" => array:1 [
    0 => ""Chromium";v="130", "HeadlessChrome";v="130", "Not?A_Brand";v="99""
  ]
  "cache-control" => array:1 [
    0 => "no-cache"
  ]
  "pragma" => array:1 [
    0 => "no-cache"
  ]
  "sec-fetch-dest" => array:1 [
    0 => "document"
  ]
  "cf-ray" => array:1 [
    0 => "93c697936ed1dd6d-SJC"
  ]
  "accept-encoding" => array:1 [
    0 => "gzip, br"
  ]
  "priority" => array:1 [
    0 => "u=0, i"
  ]
  "sec-fetch-user" => array:1 [
    0 => "?1"
  ]
  "sec-fetch-mode" => array:1 [
    0 => "navigate"
  ]
  "cf-visitor" => array:1 [
    0 => "{"scheme":"https"}"
  ]
  "connection" => array:1 [
    0 => "close"
  ]
  "x-forwarded-proto" => array:1 [
    0 => "https"
  ]
  "x-forwarded-for" => array:1 [
    0 => "18.190.207.149, 172.71.154.111"
  ]
  "x-server-addr" => array:1 [
    0 => "159.65.79.202"
  ]
  "host" => array:1 [
    0 => "avcstaging.arecontvisioncostar.com"
  ]
]
          request_server
            0 of 0   
          array:55 [
  "USER" => "avcstaging"
  "HOME" => "/home/avcstaging"
  "SCRIPT_NAME" => "/index.php"
  "REQUEST_URI" => "/news/addressing-the-basics-of-cyber-security"
  "QUERY_STRING" => ""
  "REQUEST_METHOD" => "GET"
  "SERVER_PROTOCOL" => "HTTP/1.0"
  "GATEWAY_INTERFACE" => "CGI/1.1"
  "REDIRECT_URL" => "/news/addressing-the-basics-of-cyber-security"
  "REMOTE_PORT" => "47356"
  "SCRIPT_FILENAME" => "/home/avcstaging/webapps/app-avcstaging/public/index.php"
  "SERVER_ADMIN" => "you@example.com"
  "CONTEXT_DOCUMENT_ROOT" => "/home/avcstaging/webapps/app-avcstaging/public/"
  "CONTEXT_PREFIX" => ""
  "REQUEST_SCHEME" => "http"
  "DOCUMENT_ROOT" => "/home/avcstaging/webapps/app-avcstaging/public/"
  "REMOTE_ADDR" => "172.71.154.111"
  "SERVER_PORT" => "80"
  "SERVER_ADDR" => "127.0.0.1"
  "SERVER_NAME" => "avcstaging.arecontvisioncostar.com"
  "SERVER_SOFTWARE" => "Apache/2.4.62 (Unix) OpenSSL/1.0.2g"
  "SERVER_SIGNATURE" => ""
  "LD_LIBRARY_PATH" => "/RunCloud/Packages/apache2-rc/lib"
  "PATH" => "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
  "HTTP_CF_IPCOUNTRY" => "US"
  "HTTP_CF_CONNECTING_IP" => "18.190.207.149"
  "HTTP_CDN_LOOP" => "cloudflare; loops=1"
  "HTTP_SEC_FETCH_SITE" => "none"
  "HTTP_ACCEPT" => "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"
  "HTTP_USER_AGENT" => "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
  "HTTP_UPGRADE_INSECURE_REQUESTS" => "1"
  "HTTP_SEC_CH_UA_PLATFORM" => ""Windows""
  "HTTP_SEC_CH_UA_MOBILE" => "?0"
  "HTTP_SEC_CH_UA" => ""Chromium";v="130", "HeadlessChrome";v="130", "Not?A_Brand";v="99""
  "HTTP_CACHE_CONTROL" => "no-cache"
  "HTTP_PRAGMA" => "no-cache"
  "HTTP_SEC_FETCH_DEST" => "document"
  "HTTP_CF_RAY" => "93c697936ed1dd6d-SJC"
  "HTTP_ACCEPT_ENCODING" => "gzip, br"
  "HTTP_PRIORITY" => "u=0, i"
  "HTTP_SEC_FETCH_USER" => "?1"
  "HTTP_SEC_FETCH_MODE" => "navigate"
  "HTTP_CF_VISITOR" => "{"scheme":"https"}"
  "HTTP_CONNECTION" => "close"
  "HTTP_X_FORWARDED_PROTO" => "https"
  "HTTP_X_FORWARDED_FOR" => "18.190.207.149, 172.71.154.111"
  "HTTP_X_SERVER_ADDR" => "159.65.79.202"
  "HTTP_HOST" => "avcstaging.arecontvisioncostar.com"
  "HTTPS" => "on"
  "REDIRECT_STATUS" => "200"
  "REDIRECT_HTTPS" => "on"
  "FCGI_ROLE" => "RESPONDER"
  "PHP_SELF" => "/index.php"
  "REQUEST_TIME_FLOAT" => 1746682509.4184
  "REQUEST_TIME" => 1746682509
]
          request_cookies
          []
          response_headers
            0 of 0   
          array:7 [
  "content-type" => array:1 [
    0 => "text/html; charset=UTF-8"
  ]
  "cache-control" => array:1 [
    0 => "private, must-revalidate"
  ]
  "date" => array:1 [
    0 => "Thu, 08 May 2025 05:35:09 GMT"
  ]
  "pragma" => array:1 [
    0 => "no-cache"
  ]
  "expires" => array:1 [
    0 => -1
  ]
  "set-cookie" => array:2 [
    0 => "XSRF-TOKEN=eyJpdiI6IjVzYTlicUYzMHRmY0NGaXN4R1NLUWc9PSIsInZhbHVlIjoidm5aNGY1Qzl3S000NzdCWkxTbGZGRUc5WDlQUDQ5dzdVQXlqTDZ4TXQwaWpWQjdOTm1ZYk1lK3BTSzZ4U09LWW9keUNqMTVZOVJ6YVlvTisyeHBcL2taRVc0cEdYcUl2WlYwQ1ZKKzZvRHE3S3ZcL3Rtc3lpekk1SjBCSHRGdUVabCIsIm1hYyI6ImQwZGRiMzI3NzMyYWJkODVhMWNjYTQzM2YzZjZjZDVkNjU3ODkzMDgxMDQ5Y2MwNjFiMjZkMDZmYTZlNDAxYTYifQ%3D%3D; expires=Thu, 08-May-2025 07:35:09 GMT; Max-Age=7200; path=/XSRF-TOKEN=eyJpdiI6IjVzYTlicUYzMHRmY0NGaXN4R1NLUWc9PSIsInZhbHVlIjoidm5aNGY1Qzl3S000NzdCWkxTbGZGRUc5WDlQUDQ5dzdVQXlqTDZ4TXQwaWpWQjdOTm1ZYk1lK3BTSzZ4U09LWW9keUNqM"
    1 => "avcostar_session=eyJpdiI6Im5FNTdLdDZQRnRpZ1Q3cGgwTk9IVFE9PSIsInZhbHVlIjoieGtueTlrZU1OYXFZQTVvSFl2ZHZhZ1NyXC82WVVZUkNyZGY3WW9iOGVmaFo5TytFOG5Bc1BKSXFGT1Q5cms1REJNMHNJeXBQMXdBOFFJeWowWFlYcW10ZDNjdVV2d3l4cTRZSWdBNmdaMnJYNWZsZFMzR1JjU3I0NCtiQzdreXl3IiwibWFjIjoiY2IyNmNjZTUwOWQ5YzNiY2JmMWQ3ZmVjYmRkOWRkNjUyNTFiOWQyMDEyYTIyMjE3NjcxN2EwMmFjMjU4ODhhNSJ9; expires=Thu, 08-May-2025 07:35:09 GMT; Max-Age=7200; path=/; httponlyavcostar_session=eyJpdiI6Im5FNTdLdDZQRnRpZ1Q3cGgwTk9IVFE9PSIsInZhbHVlIjoieGtueTlrZU1OYXFZQTVvSFl2ZHZhZ1NyXC82WVVZUkNyZGY3WW9iOGVmaFo5TytFOG5Bc1BKSXFGT1Q5cms1REJ"
  ]
  "Set-Cookie" => array:2 [
    0 => "XSRF-TOKEN=eyJpdiI6IjVzYTlicUYzMHRmY0NGaXN4R1NLUWc9PSIsInZhbHVlIjoidm5aNGY1Qzl3S000NzdCWkxTbGZGRUc5WDlQUDQ5dzdVQXlqTDZ4TXQwaWpWQjdOTm1ZYk1lK3BTSzZ4U09LWW9keUNqMTVZOVJ6YVlvTisyeHBcL2taRVc0cEdYcUl2WlYwQ1ZKKzZvRHE3S3ZcL3Rtc3lpekk1SjBCSHRGdUVabCIsIm1hYyI6ImQwZGRiMzI3NzMyYWJkODVhMWNjYTQzM2YzZjZjZDVkNjU3ODkzMDgxMDQ5Y2MwNjFiMjZkMDZmYTZlNDAxYTYifQ%3D%3D; expires=Thu, 08-May-2025 07:35:09 GMT; path=/XSRF-TOKEN=eyJpdiI6IjVzYTlicUYzMHRmY0NGaXN4R1NLUWc9PSIsInZhbHVlIjoidm5aNGY1Qzl3S000NzdCWkxTbGZGRUc5WDlQUDQ5dzdVQXlqTDZ4TXQwaWpWQjdOTm1ZYk1lK3BTSzZ4U09LWW9keUNqM"
    1 => "avcostar_session=eyJpdiI6Im5FNTdLdDZQRnRpZ1Q3cGgwTk9IVFE9PSIsInZhbHVlIjoieGtueTlrZU1OYXFZQTVvSFl2ZHZhZ1NyXC82WVVZUkNyZGY3WW9iOGVmaFo5TytFOG5Bc1BKSXFGT1Q5cms1REJNMHNJeXBQMXdBOFFJeWowWFlYcW10ZDNjdVV2d3l4cTRZSWdBNmdaMnJYNWZsZFMzR1JjU3I0NCtiQzdreXl3IiwibWFjIjoiY2IyNmNjZTUwOWQ5YzNiY2JmMWQ3ZmVjYmRkOWRkNjUyNTFiOWQyMDEyYTIyMjE3NjcxN2EwMmFjMjU4ODhhNSJ9; expires=Thu, 08-May-2025 07:35:09 GMT; path=/; httponlyavcostar_session=eyJpdiI6Im5FNTdLdDZQRnRpZ1Q3cGgwTk9IVFE9PSIsInZhbHVlIjoieGtueTlrZU1OYXFZQTVvSFl2ZHZhZ1NyXC82WVVZUkNyZGY3WW9iOGVmaFo5TytFOG5Bc1BKSXFGT1Q5cms1REJ"
  ]
]
          session_attributes
            0 of 0   
          array:4 [
  "_token" => "yBdA0xCnhzqqRtnHU4DzayWfdRuaIfRJkJdc0r1k"
  "_previous" => array:1 [
    "url" => "https://avcstaging.arecontvisioncostar.com/news/addressing-the-basics-of-cyber-security"
  ]
  "_flash" => array:2 [
    "old" => []
    "new" => []
  ]
  "PHPDEBUGBAR_STACK_DATA" => []
]