The world of network centric security technology has opened a Pandora’s Box of threats that are driving vendors to become more proactive when it comes to protecting the interests of their end user clients. For Genetec, the new paradigm of managing risk has created a novel approach they are calling “the security of security.”
As the influx of more and more video cameras populate the landscape, the risk of exposing critical information to bold hackers extends from end point to server. So not only is that video susceptible to hackers as it moves along the network, but also once it is being stored. Solutions providers like Genetec are now taking more proactive measures to ensure that what they provide their clients is as close to tamperproof as possible.
“We are all part of the security market and the endgame is how do we best protect our customer’s assets. No matter if we are working to protect video or control door entry, we must be vigilant in providing the best protection of critical data.” says Jimmy Palatsoukas, Senior Manager of Product Marketing at Genetec during the opening day at the annual ASIS security conference in Anaheim. “A big focus for us this year has been the security of the application itself. We are hearing a lot about cyber-attacks and hacking, so our goal is coming up with solutions on how to make all these security platforms more secure and robust for our customers.”
Genetec’s Security Center 5.4, which is its unified security platform that combines access control, automatic license plate recognition (ALPR) and video surveillance, is on display at ASIS and demonstrating the enhanced encryption and authentication protocols.
Security Center 5.4 is showcasing cutting-edge security threat countermeasures, including new authentication and encryption methods to ensure that only authorized personnel can access their security system. To mitigate the risk of cyber-threats, such as man-in-the-middle attacks, organizations will be able to implement digital certificates to guarantee trust within the system and implement new levels of encrypted communications between all Security Center components. By establishing a secure and trusted connection, Security Center will be able to authenticate communications within the system, validating and ensuring that data and video are not exchanged with outside sources. This latest release will also allow organizations to leverage specialized third-party claims services, including Active Directory Federation Services, to authenticate and manage Security Center user credentials.
New video encryption methods in Security Center 5.4 will offer advanced capabilities to ensure that live video streams and archived video can only be viewed by authenticated users, and cannot be shared with unauthorized individuals. Leveraging either AES-256 or RSA encryption standards, Security Center 5.4 will protect recorded streams, maintaining no unencrypted data, with enforced viewing permissions through the use of digital certificates.
“From the server to the client everything is encrypted so not only are you protecting the information and that data, but also addressing the user’s privacy issues. Our other goal is enhancing authentication. When you log on to your webserver at home and connect to your bank, you want to make sure it really is the bank you are talking to. So we have done the same thing in our product,” Palatsoukas says. “So when our client talks to our server, it has to authenticate and we do that through certificates. Leveraging digital certificates provides a solution for our customers who might not even realize the threat.”
Palatsoukas adds that another other main component for Genetec is providing more dynamic security for active video.
“We really don’t see this being done to the level it needs to be. Our clients can now encrypt the video in transit and also when that video is being stored. So even if someone was to gain access to that server they wouldn’t be able to see that video.”
Addressing the growing concern of privacy in both the public and private sectors has moved Genetec to partner with a company from German called Kiwi, which is just entering the North American market.
KiwiVision Privacy Protector is a patented software application, developed specifically to monitor actions and movements, while at the same time ensuring the protection of one´s personal privacy. Through pixelization, it automatically obscures persons and vehicles in surveillance videos in real-time. The ideal pixelization level can be chosen for every situation, up to complete coloring to ensure that that the identity of individuals is not recognizable in any scene. The operator only sees the pixelated video image. In case of an incident, authorized Security Center operators can access the plain video. The KiwiVision Privacy Protector is the only video surveillance product that has been awarded the European Privacy Seal by the “Independent Center for Data Protection” in SchleswigHolstein, Germany
“For our customers there is a huge concern around the privacy of that video, especially when you think of municipalities who share that video with law enforcement. But corporations and high compliance institutions like hospitals also have that high privacy concern. You want to be sure there is security around what you have recorded and what you are storing,” says Andrew Elvish, VP of Marketing and Product Management at Genetec. “With our focus on the security of security initiative we are offering security from edge to core. But while that video is at rest all the data is encrypted, so even if someone were to get into the server, the video would be useless. One other important point is that your most secure route is using multi-factor authentication and claim-based authentication.”
The Genetec solution can also support the more advanced IT policies of larger enterprises that use certificates issued by trusted certificate authorities like VeriSign and Symantec. “This really ups the game and brings security for the devices and the network to the next level,” adds Palatsoukas.