Vulnerabilities / Threats

6/4/2018
11:00 AM
Ken Mills
Ken Mills
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

Building a Safe, Efficient, Cost-Effective Security Infrastructure

The Industrial Internet of Things allows organizations to address both physical and digital security concerns.

With more than 327,000 robberies occurring last year in the United States, and with firearms used in roughly 40% of those incidents, security continues to be a key concern for businesses, governments, schools, and the general public. Gun control continues to be one of the most debated topics, and while the nation stands divided, according to the Brady Campaign there are 93 deaths from gun violence each day. However, despite prevailing security threats, there are still many issues such as infrastructure constraints, cost, access to data, and other barriers that result in ineffective safety.

So, how can organizations address these ever-growing security concerns — both digital and physical? That's where the Industrial Internet of Things (IIoT) comes in. Many organizations, such as the police, are turning to data analytics and IIoT technologies to protect citizens in an efficient and cost-effective way. For example, if someone is vandalizing a public space or property, IIoT technology can alert law enforcement officers by sending real-time alerts, so the perpetrator is caught in the act while crime remediation costs are reduced. As a result, IIoT devices and platforms are being deployed in a greater number of public safety programs.

Implementing an IIoT Security Solution
If you're part of an organization looking to redefine security infrastructure, there are several steps to consider when planning and implementing a solution.

1. Assess potential security risks in outdoor spaces. When assessing outdoor security, remember that different environments have specific requirements. For example, for transient events — such as fairs, festivals, and marathons — rapid deployment and easy redeployment of next-generation security is especially relevant. In fixed locations, such as parks and business campuses, speed of deployment and cost efficiencies are also important considerations. Meanwhile, mass transit systems and critical infrastructure must be reviewed for their unique security risks.

The assessment should be conducted as early as possible, so that all factors can be taken into consideration, including the need for video, gunshot, and chemical detection, in order to allow law enforcement or the security teams to be proactive and initiate a rapid response. It's also imperative to determine how much data customers should archive, how long they should store it, and how they want to interact with that data. 

2. Assess the deployment location and identify implementation challenges. Assess the strengths and weaknesses of video and audio sensors, along with ideal deployment locations. The number of devices required to address the security risks must be determined. Look at camera angles, fields of view, lighting conditions, and bandwidth usage. Decide whether to deploy streaming video only over video analytics for object detection in a zone. Additionally, consider leveraging an organization that can validate your hardware and software solution within a lab environment in order to reduce your deployment risks and increase reliability.

3. Plan for IT and OT collaboration. Importantly, information technology (IT) and operational technology (OT) teams need to collaborate to ensure a successful deployment. For example, IT must assess networking options, storage requirements and determine the optimal configuration, while also supporting how insights from the surveillance solution are integrated into existing IT systems, if relevant. In contrast, OT will likely assess how to facilitate power and connectivity to the outdoor locations. The teams must also decide ownership of the video management system.

4. Identify video and data storage requirements. Storage is the foundation layer of any surveillance solution. However, many organizations purchase body-worn and other surveillance devices before they consider storage requirements or cost. This foundation layer must support an open platform capable of managing disparate data sets (from multiple devices) while addressing the challenge of scale head-on. It's important to understand the differences among the three major surveillance storage architectures — edge, core, and cloud — and what option would be most suitable to your specific organizational needs and requirements. (Full disclosure: Dell is among a number of companies that provide these services.)

Edge architectures typically support several hundred surveillance devices. They store video and surveillance data locally and then periodically transfer the digital data set to the central platform. For example, a "satellite" police station may store data locally in office, then periodically transfer it over to headquarters — the centralized location. Edge architectures often integrate the data with applications, such as access control and intrusion detection, without engaging a central server. The resulting architecture reduces single points of failure and distributes processing requirements over many, smaller sites.

Scale is the primary consideration with core architectures. Commonly used by police headquarters, schools, federal/government, airports, and energy companies, centralized surveillance architectures host high camera- or device-count environments (typically hundreds of surveillance devices) and can support large amounts of surveillance data. Storage must be made efficient and utilization rates must be high to prevent price creep, while migration time must be extremely low to seamlessly apply changes in resolution or pixelation. 

Many companies opt to go on-premises for their primary storage but use cloud architectures for deeper, longer, "cold" storage. Cloud provides an elastic storage platform that easily expands as data volumes grow. For surveillance-specific industries, this means expanding volumes in a centralized private cloud or even leveraging public cloud storage for more rapid capacity expansion in order to scale rapidly at the appropriate times. Ultimately, cloud storage can improve storage efficiencies and help reduce the costs associated with storing inactive data on more expensive storage solutions. However, using the cloud for surveillance data involves many different availability, security, and cost decisions.

5. Automate alerts to gain optimal ROI. The final step is to provide end users with hands-on training to ensure that they're capable of operating a security system. The training should include user-interface training mobile access and mobile app training.

Many applications will include automatic functions, including real-time alerts, that can be integrated into the system. Detections are automatically configured onto the platform and requires no setup.

The Next Generation of Security
Traditionally, video surveillance and sensors would have been implemented as separate solutions. Despite all the time and effort involved in setup, fixed solutions create sunk-in costs because they're not redeployable. That's why moving to a cloud-based IIoT security system makes sense. With increasingly powerful IIoT solutions, users can connect directly and seamlessly, plus analyze data faster to respond quicker or prevent a criminal act from occurring.  

Here's to a safer world!

Related Content:

A leader in the video surveillance industry for over 15 years, Ken Mills is the General Manager & Chief Technology Officer (CTO) at Dell EMC for the Surveillance and Reconnaissance business, and is regarded as one of the company's top surveillance and public safety experts. ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Meet 'Bro': The Best-Kept Secret of Network Security
Greg Bell, CEO, Corelight,  6/14/2018
Containerized Apps: An 8-Point Security Checklist
Jai Vijayan, Freelance writer,  6/14/2018
Four Faces of Fraud: Identity, 'Fake' Identity, Ransomware & Digital
David Shefter, Chief Technology Officer at Ziften Technologies,  6/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-0291
PUBLISHED: 2018-06-20
A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. The vulnerability is due to improper validation of SNMP protocol ...
CVE-2018-0292
PUBLISHED: 2018-06-20
A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in ...
CVE-2018-0293
PUBLISHED: 2018-06-20
A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. The attacker would have to possess valid user credentials for the device. The vulnerability is du...
CVE-2018-0294
PUBLISHED: 2018-06-20
A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device. The vulnerability exists because the affected software does not properly delete sensitive...
CVE-2018-0295
PUBLISHED: 2018-06-20
A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update...