Cybersecurity, Systems Hardening, and Professional Services
The typical architecture of enterprise physical access control systems (ePACS) and video surveillance systems (VSS) is based on TCP/IP and RS-485 serial communications between servers, client workstations, controllers and readers or video recorders and cameras. Each of these links has an inherent potential cybersecurity risk that can be mitigated by systems hardening. Systems hardening is a collection of tools, techniques, and best practices to reduce vulnerability in technology applications, systems, infrastructure, firmware, and other areas.
The first level of hardening is the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle, a single-function system is more secure than a multipurpose one. Reducing available ways of attack is accomplished by changing default passwords, removal of unnecessary software, elimination of unnecessary usernames or logins, and disabling or removal of unnecessary services.
The next levels of hardening are more complex. While assessment of your existing technology for cybersecurity risks shall be conducted by your IT department, we offer additional services to assist you in preparing a comprehensive audit, penetration testing, vulnerability scanning, and configuration management to find flaws in the systems and to prioritize fixes. For complex and mission-critical systems, we engage ePACS and VSS systems manufacturers and their experienced professional services teams to accomplish short-term projects, including hardening, mergers and migration, fault tolerance and high-availability solutions, and many others.
Best practices for cybersecure ePACS and VSS systems include:
- Auditing your ePACS and VSS systems
- Creating a strategy for systems hardening
- Patching first-level vulnerabilities immediately
- Implementing next-level cybersecurity by hardening of:
- Servers and recorders
- Operating systems
Contact us for more details about our professional services.