Hikvision Cybersecurity Director Offers Tips to Reduce Cyberattacks and Security Concerns in Network Security, User Security and System Administration
Cybersecurity Tips from Hikvision to Reduce Security Concerns
Hikvision’s director of cybersecurity, Chuck Davis, offers insights to help reduce security concerns in video surveillance, access control and integrated solutions.
Davis, together with the Hikvision Security Lab at Hikvision headquarters, is leading the cybersecurity program for Hikvision North America, overseeing all internal and external cybersecurity initiatives and programs in the region.
Examples of ‘Defense in Depth’ and Other Key Steps for Security
Davis advocates the practice of "defense in depth," an approach to manage risk using diverse defensive strategies. It’s based on the idea that multiple layers of defense will provide additional protection against a potential cyberattack. This includes network segmentation, which simply stated means splitting a network into separate networks that are isolated, not connected, and compromising one won’t compromise the others. For example, finance, human resources and security should each have dedicated networks.
“This is the way corporate networks are built, which is based on the principle of least privilege – this means only giving people or systems access to the resources that they need, and nothing more. This is effective for the obvious reason of keeping sensitive resources only accessible by those who need access, but it is also an effective means of compartmentalizing a network environment in case of cyberattack or malware infection,” says Davis.
Here, Davis offers high-level steps to secure different areas of your network:
- Examples of Security for System Administration:
- Inventory: One of the most important things you can do is to be aware of what is on your network so you can determine if something new shows up.
- Patching: Be sure to patch regularly. Vendors find vulnerabilities and create patches all the time. Ensure you have a process in place to update systems with security patches, the same way you update your servers, laptops/desktops and mobile devices.
- How to Improve Network Security:
- Place devices behind firewalls to protect them from untrusted networks, such as the Internet.
- Network segmentation should be used to separate security networks from other networks (HR on one network, finance on another network, and security on yet another network).
- Where possible, use virtual private networks (VPN) to remotely connect to your secured network from the Internet.
- If you have the resources, install a network intrusion detection device to alert you to anything anomalous happening on your network.
- Run vulnerability scans against the devices on your network to alert you of new vulnerabilities.
- How to Improve User Security:
- Always change default user ID and password credentials.
- Be sure that each user has their own user account.
- Be sure that users only have access to resources they need. Don’t make everyone an administrator (principle of least privilege, again)
- Do not re-use passwords.
- Create strong passwords.
How To Protect Passwords and IoT Devices
Changing default passwords to complex passwords is a simple, yet critical step to bolster security. In a recent video interview with Campus Safety magazine on May 30, 2018, Davis said: “Defaults are really bad. Hackers love to focus on defaults because they realize a lot of people don’t change defaults, whether it’s default passwords or ports or different configurations. So, always make sure you’re changing those defaults."
In an earlier Campus Safety interview posted on April 16, 2018, Hikvision’s Davis said: “Video surveillance systems, just like all systems that are part of the Internet of Things (IoT), are actually computers. So we tend to forget that all of these devices that we’re connecting to our IP networks, [which are] ... adding all this great functionality to allow us to remotely monitor or control them, are actually computers. They have operating systems and they will have vulnerabilities. And so if we don’t take our proper due diligence and protect those things and really apply cybersecurity best practices, we put them at risk of being attacked …”
For additional insights from Hikvision’s cybersecurity director, click here for more tips on reducing potential security concerns.