'CCTV' Is the Past, Cloud Video Surveillance Is the FutureBy: John Honovich, Published on Jul 08, 2019
A fundamental shift is happening. For decades, video surveillance was overwhelmingly 'closed' and off the Internet. This is changing. More and more video surveillance will be Internet controlled and, with cameras still inside networks, this will bring major benefits but also raise unprecedented risks about trusting one's video surveillance provider.
Once your video surveillance is cloud accessed or managed through your manufacturer (whether that is Axis or Hikvision, Hanwha or Dahua, Eagle Eye or Verkada or whomever), you need to trust that they are not going to use that to hack your network.
The old justification (or excuse, depending on one's outlook) was that you just completely shut off one's surveillance to the outside world and not need to worry about cybersecurity. That is going away.
Cameras (i.e., Computers) Inside
Unlike most SaaS services (email, CRM, etc.), with video surveillance, users have to have cameras inside their facilities. There is no way to virtualize that. And those cameras (or recorders) are networked computers. Those cameras / computers, with cloud management, are being controlled by the provider (again whether it is Axis, Hikvision, Verkada or whomever).
One's video surveillance provider will not only be able to 'see' inside your facilities, they will be able to run analytics to know what's going on and, most troublesome, if they so desire, they will be able to use those cameras to hack / attack or get into other devices inside your network.
One can certainly argue whether they will or won't but cloud management means they have capabilities to do damage inside one's network that they never could have done before.
Cloud Video Surveillance Benefits Will Continue To Rise
There are a host of growing benefits to have one's video surveillance cloud-managed, including:
- Remote access without setting up VPNs or super insecure port forwarding
- Cloud recording (either for redundancy or primary storage)
- Video analytics (there are many benefits to processing in the cloud)
- Automatic firmware updates as most video surveillance devices firmware are out-of-date
Beyond these user benefits, providers are going to be increasingly motivated to provide these services to move to a more profitable SaaS model, which will reinforce the trend.
2010s - Megapixel, 2020s - Cloud
If the 2010s was the decade of megapixel for video surveillance, then the 2020s are likely to be cloud. Just like SD resolution is now viewed as antiquated and inferior, in the next decade, so too will 'closed' systems.
Ending of 'Closed' / Airgapped Systems
This is going to be a major change as many veteran industry professionals have pushed back hard, saying cybersecurity is not a problem, just close off the systems:
My view today is that if a CCTV system is fully cabled and air gapped, how is any camera going to transmit images to anywhere other than the VMS?
I simply choose to deny access as a means of preventing exploits. Much easier. I sleep well.
I can only see these threats existing when the devices are given a public address or by designation of them or DVR/NVR/Servers as DMZ via port forwarding. Who does this?
These are not unreasonable takes, especially from the perspective of the past, but the future is going to make this increasing untenable.
Cloud Make Video Surveillance Better
Overall, the cloud will make video surveillance better - easier to manage, easier to access, better for analyzing video, etc.
Trust Will Become More Important
Historically, buying video surveillance products was a matter of trusting how well the products worked. With cloud, not only that but you also will need to trust them (literally) inside your house, business, organization, etc.
How many US or EU organizations will trust PRC government-owned Hikvision to control video surveillance cameras inside their facilities? Ban or no ban, this is going to be an increasing issue.
Even outside of 'politics', how much will one trust startups, like Verkada, to have access inside their networks?
And, for the PRC China, how much will they trust American owned companies like Avigilon to manage their video surveillance? Though, that is a joke, since literally foreign companies, regardless of quality, have been blocked for years out of almost all projects inside the PRC.
Performance will rise generally but also the risks for trusting the increasingly standard cloud video surveillance provider.