How can access to video best be managed to avoid unauthorised video being made public?

Given the advancements made to IP surveillance innovation on the network, the security safeguards put in place are much like any other IT system, and best practices lie in the hands of those that manage the video, such as making sure the firewall is up to speed and encryption is in place. Many other secure strategies exist and just need to be put in place, such as IEEE 802.1X for Port-based Network Access Control (PNAC) which provides an authentication mechanism to any surveillance camera that attaches to a LAN or WLAN; or IP filtering, which helps process, manage and discard unwanted connections by protocol types, socket numbers, source addresses and more. If you are still nervous, I’ll remind you that in most IP surveillance scenarios, you can disconnect the system from an Internet connection and run it separately, much like analogue surveillance systems operate off the network. 

The leaks that are technologically simplest are where CCTV monitors carrying private information can be seen by the public. For example, we‘ve all visited buildings and signed in at a Reception desk which carries easily visible displays of their secure areas. This is illegal if deemed a breach of the Data Protection Act. Don’t give people the opportunity to eavesdrop with their eyes. Years ago CCTV on videocassettes could only be secured by keeping it under lock & key. This basic principle should not be overlooked with digital CCTV at all vulnerable points in its network. IT systems’ electronic protection procedures are widely known and hence proven for restricting CCTV, e.g. password, token, biometric, dual-authorization, etc. Disabling ports such as USB, eSATA, etc. can help prevent unofficial video export. Maybe copyright infringement technology will get used to finding leaked CCTV across the Internet for takedown notices to be issued.

Often video gets released to the public not because someone hacked into a system but after the video is obtained by an "insider" who works with the system. With the trends toward sharing video among multiple jurisdictions and with other parts of a company, the challenges become even more complex. Stringent internal processes at the end user level can ensure that only the right people have access to surveillance video, and VMS systems enable enterprises to specify users and customize permissions to ensure only authorized operators can access video. The ability to copy or download video should be strictly reserved to those who are authorized, such as managers or supervisors. Accountability is key. Policies implemented to limit how much video is recorded or how long it can be saved are additional tools to manage the risk of unauthorized video getting made public.

Keeping video safe and secure is critical as users face a wide range of threats from both network and physical sources. Manufacturers should design solutions that enforce strict access policies to ensure that only authenticated users can access surveillance video footage. Operators can easily limit access to specific cameras based on individual access levels and design specific privileges based on what type and actions can be taken. In addition, customers should leverage a secure storage infrastructure for video, and treat video surveillance footage like any other critical data source that the organisation wishes to protect.