HTTPS / SSL Video Surveillance Usage Statistics

By IPVM Team, Published Apr 01, 2019, 10:13am EDT

HTTPS / SSL / TLS usage has become commonplace for websites to improve security and, in particular, to help mitigate attackers reading or modifying communications between a website and a user.

And such technology has readily been available for many years in video surveillance products with the potential to improve the security of connections between cameras and recorders.

As such, 148 integrators answered the question:

HTTPS: In the past year, what percentage of cameras did you deploy that used HTTPS / SSL for connecting cameras to recorder / VMS? Why?

Usage was very low, with the most common meaningful response was that cameras and servers were installed on isolated networks. Moreover, many integrators clearly misunderstood what HTTPS was or how it works, or does not work, with video surveillance systems.

Inside this post, we examine these themes, explain how HTTPS / SSL / TLS is applicable to video surveillance, and share dozens of integrator comments.

Key ******

*** ********* *** ****** emerged:

  • * *********** ******** ** Integrator ********* ********* ****** to ** *** ** HTTPS
  • * ****** ** *********** did *** ********** *** question ** ************* ******** communications ******* *** ****** and ******, ** ******* to ****** ****** ******
  • **** *** ********** ********* reported *** ******* **** using *****
  • ********* ********* ***** *** the **** ****** ******** to *** *********** ********* them. ***** **** * integrators ********* ** *** their ****** ** ******* policy.

*** ***** - ******** Cameras *** *******

*** **** ****** ****** for *** ***** ***** was ******* *** ******* being ******** **** *** customer's ******* ******* *** the ********. ***** **** is ** ********* *** to ******** ********* ************* risks, *** *********** ******* for ** ******* ****** on *** ****** ******* to ******* ***** ***********, commands, *** ***** *******:

  • "**** *** ** *** systems ** ****** *** on **** ********, ** HTTPS ****'* **** ********* as *********."
  • "****. ******* *** ****** behind ********* ********'* ** no **** **** *** https. ** ** *** easier ** ***** ** would ********** ****** **. "
  • ****. *** ** *** systems *** ***** ** an ******** *** *** cameras ****. **** ** through *** ********* *** for *** ****** *** do *** ***** *** outside ****** ******* **. We *** ********* ** control *** ****** *******."
  • "**-**%. ** **** ** our ***********, *** ****** aggregation *******, ** **** physically ********* *** ********."
  • "****** *** *** ****** networks *** ** * secure *******, ******** **** clients (***** ********) *** isolated **** *** ******** (in *** *****)."
  • "** ****'* *** ***** as *** ******* ** deploy *** ******** *******, no ****** **** *******. If **'* ********* *** them ** ** ******** from ******* **** ** deploy *** ****** ** some ***** **** ** secure ******."
  • "*% * ****** *** a ********* **** *******, and *** *** ******* switches *** *********, ** there's ** **** ** secure *** ************* ******* the ******* *** ***'*"
  • "*...*** ******* *** ****** networks *** ****** ********** via * ******** *** card"
  • "**** - *** ** the ******* ** ******* are **** ** *** LAN ** ** ***'* bother **** *****/***."
  • "****. *** ******** *** completely ********** **** *** outside ********** ** **** point. **** *** ****** in *** ******."
  • "*** **** ** ** automatically ****. ******* ** they ** ** ************* it **** **** *** better ********. ** ********* don't ***** *** ***** because ** ** **** consuming *** *** **** are ****'* ******."

Customer ** ******* ************ ******* ***

*** **** ****** ******** related ** *** ***** is ** ** *** used *** ** *** customer ** ******* ******** it (** ***). **** of *** ******** ******* why ** *** **** were *** ******** ******, PCI ********** *** ** policy ***********:

  • "**% **** ** **** our ********* *** ********* now."
  • "*. **** *** *** been ********* ** *** customer *** ***** *******."
  • "**%. ********** ******** ***********."
  • "****. ** **** *** had **** *********** ********* for *** ********."
  • "** ***'* *** ** since ********* ***'* *** for ****. ** *** we ****'* *** *** security ********."
  • "**-**%. ** ******** ***** this ****** **** **** required ** ******** ******* policy"
  • "*** ******** ** *** industry / ******"
  • "**** ** ******* ** this ****. ********* ** are ******** ** **** on ***** ** ** able ** **** ******** audits *** *** **********."
  • "***. ** **** ** a ********* ******** ************** environment, ** **'* ******* to **** ** **** security ****** *** *****"
  • "*** ********** **-**% ** commercial ************ **** ********* by ***** ** ***** for ********* ********."
  • "** *** * ****** method ** ******* *** cameras. ***** ** *** easiest. ***** ********* **** a ****** ********** * standard ***********."
  • "**** **** ********* ** customer"
  • "*%. *** ********* ** customers (****** ** ***** local ***) *** ******** in ***** *** ********** is **** ******* ** benefit"
  • "***%. ****** ********. **** customers *** *** *****/*** they **** **** *** safer **** *********."
  • "**% ***** ********* **** dedicated ** *******....*** ****** security ****** ***** **** to *** *****"
  • "** *** ***** *********** it ***-***** ******** *********"
  • "** **** ***** **** it ***. *** ******* customer *** **** ****** concern *** ******** ** the ***** ****** ***** we ******* * ******** network *** *** *****. The **** **** ** see ** *** **** access ** *** ***."

Not ***** - *** ****** *** *******

*** ****** **** ****** reason *** *** ***** HTTPS *** *** **** and ********** ** ************ it ** *******.

***** *** ************ **** a ***** *********** ********* can **** ~$*** *** domain/customer, ***** ***** ********* only ** ******** *** client *********** ******* ** the ********. ******* *** Servers *** ******* ****-****** certificates ** *********** ********, however, ****-****** ***** *** be **** ****** **** certificates ********* **** * Certificate *********, *** *** potentially **** ******* ** create *** *****.

*****, **** ** ***** responses **** ***** **** the ******* ****** ** installed ** ** ******** network, **** ** ******** access:

  • "**** - *** ****** and **** ** * SSL. *** ******* ****** be ** * ******* network *** *** ******* to *** ***."
  • "**** ****** ******* **** ssl **** ** *****. We ******* *** ******* onto * ******** **** and *** *** ***** to ******* ****. *** cameras **** **** ** see *** ****** ** they ****** ** ********* off *** ********. *** server **** *** ** protected ** ******** ******** access *** ****** ****** to **** *** ******* needed ** ****** ** all."
  • "****, ******* ** *** way ****** *** ***** on ****. *******, ** is * *** **** for **** ** **** the ******."
  • "**% **** *** ** those ***** **** ** slower ** ***** **** it ******** ****** **. Haven't **** **** ** the **** ******** **** of ***** **** ***** is ****** ** *********."
  • "*. ******* *********** ***** does *** ******* ************, and ********/*************** ******* *** be *******."
  • "*% ******* ** ****** all ****** ** ****. Because ***** **** *********** that **** ***** ****."
  • "****. ** *** *** been ** ***** ** our ******** *** ****** captive ****** ********* *** VPN's. *****/*** **** ********** and *** **** ****** that ** ***** ****** not **** **** ****** absolutely *********."

********** ******* ****** *********** Limited

**** *** ********* ***** company ****** **** ******** the *** ** *****:

  • "*** ********* ** ****** have *****/*** ************ ****** and ****** **** *** the ************ ** *** security ******* ******."
  • "***% - * ***'* mention ** ** *** customer. ** ** **** it ***** ** **."
  • "*** ********, ***** **%. An ***** ***** ** security **** ******* ******, why ***?"

Comments (3)

* ***% ***** **** SSL/TLS ** *** *** to ** *** ******** ****, ******* ** should **** ** ***** that **** *** ***'* support ******* ********* ** this ***.  

** ********, ** **** increase *** ****** ****, possibly ********** *** ****** of ******* *** ******.

**** ******* ** *** encrypt *** ***** ******, rather ********** **** *** API & *** **** data.  *****, ****** **** encrypted ** ** **********.  Check **** **** ****** manufacture *** *** ** find *** *** *** combination ** *********.  

****, **** **** ** test *** *** *********** of * ****** **** HTTPS *******.  **** **** that ** ******** ** it ******** **** - webpages ***'* **** ****, video ***** **** *****'* drop, *** ***** ********, such ** *** ****'* limited.  * **** **** cameras **** **** ***** as * **** ** win * ***, *** it ****'* ******** ** ******** be ****.  *** *** page ****** **** ** slower **** *** **** enabled.

*******, *** *** ****** NOT ***** **********, ** is ******* ********* **** usernames *** ********* *** always **** ***** ****** authentication (* ***** **** of **********, **** **** HTTPS ***), *** *** clear ****.  **** ******* default ** ***** ****, which ****** ******* ** sniff *** ******* *** easily *** *** ********.   I **** **** **** cameras **** **** * selection ** *****, ******, or ****.  *** **** option ** **** ** weak ** *****.  ** attacker ******** ** *** authentication ******* **** **** only ******* ***** **************, and **** ** ****** them ** ******* ****** authentication.

***** ** ***** ** you *** *** ***** support ** * ****** option ****** *** ****** finder. ** ** ********* for **** ****** ********** clients. 

** *** *** ***** HTTP ** *** ********** network **** ** ** is ******* - ******** well, **** *** ***** as **** *** ******. GG.

**** **** *** *** has *** ****, **** network/their ******* *** **** own **** *******. ** is *** **** **** to ****** ******* **** a ******** ***. * have **** ** ******* more ****** *** ****** than * ****** ******* over ****** ******** ***** everything ********* *** **** expired *** ****** **** techs ******* **** * low **** *** ****** crying ***** ***** ***** and *********, *** ******* to *** ******.

*** **** *** ** by ************* ************** **** managing *** ****** ************ as * *******. ******** Integrators **** ** **** up ** **** ** the ** *** ***** rather **** *** ****** with * **** **** and **** ***** **.

**** ****** ** **** will **** **** ***** reverse ***** *****!

Read this IPVM report for free.

This article is part of IPVM's 6,800 reports, 913 tests and is only available to members. To get a one-time preview of our work, enter your work email to access the full article.

Already a member? Login here | Join now
Loading Related Reports