Axis: "It’s A Question Of Trust And Who You Want To Be Associated With"

Obviously anyone who voted "Neither" is likely an Axis competitor. LOL.

I think the "Who do you trust more?" question is a bit of stretch by only including the best (IMHO) Axis and the worst Hikvision, but I'll allow it!  

With all the recent vulnerabilities found effecting many different manufacturers I am not surprised trust is becoming a focus. 

I work for a manufacturer and have heard discussions surrounding this in recent strategy meetings. And while it is easy for a group of people who work for a manufacturer to sit around and strategize what they will do to build trust, the execution of the plan is always the most difficult part. 

Given the importance of trust, as seen in the poll results above, I would like to ask the members of this site, specifically the integrators, distributors and dealers:  What can we, as manufacturers, do to keep/gain/earn your trust?

If you're looking for a one time sale, lower pricing rules the day.  If you are a company built on repeat business and referrals, then sales are built on Trust.  

How important is trust in picking manufacturer? - For the distributor, reseller, installer or end customer?

The distributor or reseller probably looks on the percentage of cams that come DoA.

In most situations the installer is in competition to other installers, as the end customer in most cases is mainly looking at the price of the offer.

The end customer is not aware of "prestigious" brand or "no name". He doesn´t know the names of typical camera manufacturers anyway. Looking at the internet he finds more or less attractive websites from all the manufacturers or sample videos of new features or...
Security is an abstract value. (In most cases) The end customer doesn´t feel "more secure", when protected by Axis camera, than by Hikvision.
The look and feel of a specific client device, e.g. doorphone monitor may make a difference for him.

The end customer has to trust the installer.

For the installer it is much more difficult, than for car dealer to explain the value of a specific brand.
The customers knows the difference between Mercedes or Porsche and Kia or Mistubishi and connects different expectations and values.

But if different security cams deliver similar picture quality, why should he choose the expensive brand?

Should he really pay + 30% for an abstract value of "more security"?

How many projects are there, with a budget for detailled demonstrations / presentations or discussions on ethical aspects?

Ultimately, it’s a question of trust and who you want to be associated with. People appear to be happier to allow commercial organizations to gather, manage, use and keep the data that we seem happy to share so freely, rather than governments and state bodies. But they are also increasingly aware and sensitive about how their data is used, and the ethical behavior of those businesses they choose to deal with.

That’s some pretty subtle subtext if that is intended as a dig to Hik, since the article could stand on its own without any inference, and could just be judged as a straightforward Data/Privacy post.

This is really an issue about trust (competence, culture, commitment and execution), throughout the supply chain, and the word trust itself is really loaded.

In my opinion there can be no trust with the products manufactured in China.  This is not a racial or nationalist reason, it's technological.  They've proven time and again that they are not up to speed with the current demands for network (IoT) security in the devices that they make, either they can't do it, or just won't.  Almost all of the DVRs, NVRs and IP cameras coming from the major chinese manufacturers share a common component, the HiSilicon processor running it. 

I would suspect that HiSilicon delivers this processor along with a pre-built embedded BusyBox Linux OS for the manufacturers to put their DVR/NVR/IP camera program on top of.  Everything I've seen of this underlying OS is that security is not a concern, if it was then we wouldn't be seeing devices in 2018 still utilizing FTP and Telnet when these protocols were archaic and unsafe to use in 2005! 

Add to that the fact that no effort seems to be spent in developing for modern interfaces.  Can your device be accessed with a browser other than Internet Explorer, or does the CMS software from the manufacturer still utilize C++ runtime installation libraries from 2010?  Have you seen any development or efforts to implement 2 factor authentication or secure protocols from these manufacturers?

The overall attitude seems to be "it's good enough for the price point", but this shouldn't be allowed to fly in this day and age.  Security is the responsibility of the manufacturer above all and the lack of effort being put forth by them in this realm is ludicrous.  We're running full speed to the edge of the cliff with these devices and the only thought seems to be "how many more can I sell before we go off the edge like Thelma and Louise".

I am very eager to hear the results of the Senate meeting on January 30th when they discuss the situation with these manufacturers and their current methods of doing business.  Who knows, with the current hike in tariffs on solar panels from china being implemented, could something similar be forthcoming for security products?  Could this spur a movement to somehow start manufacturing quality, well secured up-to-date devices here in the US?  I can dream, right?