HTTPS / SSL Video Surveillance Usage Statistics

By: IPVM Team, Published on Apr 01, 2019

HTTPS / SSL / TLS usage has become commonplace for websites to improve security and, in particular, to help mitigate attackers reading or modifying communications between a website and a user.

And such technology has readily been available for many years in video surveillance products with the potential to improve the security of connections between cameras and recorders.

As such, 148 integrators answered the question:

HTTPS: In the past year, what percentage of cameras did you deploy that used HTTPS / SSL for connecting cameras to recorder / VMS? Why?

Usage was very low, with the most common meaningful response was that cameras and servers were installed on isolated networks. Moreover, many integrators clearly misunderstood what HTTPS was or how it works, or does not work, with video surveillance systems.

Inside this post, we examine these themes, explain how HTTPS / SSL / TLS is applicable to video surveillance, and share dozens of integrator comments.

***** / *** / TLS ***** *** ****** *********** for ******** ** ******* security ***, ** **********, to **** ******** ********* reading ** ********* ************** between * ******* *** a ****.

*** **** ********** *** readily **** ********* *** many ***** ** ***** surveillance ******** **** *** potential ** ******* *** security ** *********** ******* cameras *** *********.

** ****, *** *********** answered *** ********:

*****: ** *** **** year, **** ********** ** cameras *** *** ****** that **** ***** / SSL *** ********** ******* to ******** / ***? Why?

***** *** **** ***, with *** **** ****** meaningful ******** *** **** cameras *** ******* **** installed ** ******** ********. Moreover, **** *********** ******* misunderstood **** ***** *** or *** ** *****, or **** *** ****, with ***** ************ *******.

****** **** ****, ** examine ***** ******, ******* how ***** / *** / *** ** ********** to ***** ************, *** share ****** ** ********** comments.

[***************]

Key ******

*** ********* *** ****** emerged:

  • * *********** ******** ** Integrator ********* ********* ****** to ** *** ** HTTPS
  • * ****** ** *********** did *** ********** *** question ** ************* ******** communications ******* *** ****** and ******, ** ******* to ****** ****** ******
  • **** *** ********** ********* reported *** ******* **** using *****
  • ********* ********* ***** *** the **** ****** ******** to *** *********** ********* them. ***** **** * integrators ********* ** *** their ****** ** ******* policy.

*** ***** - ******** Cameras *** *******

*** **** ****** ****** for *** ***** ***** was ******* *** ******* being ******** **** *** customer's ******* ******* *** the ********. ***** **** is ** ********* *** to ******** ********* ************* risks, *** *********** ******* for ** ******* ****** on *** ****** ******* to ******* ***** ***********, commands, *** ***** *******:

  • "**** *** ** *** systems ** ****** *** on **** ********, ** HTTPS ****'* **** ********* as *********."
  • "****. ******* *** ****** behind ********* ********'* ** no **** **** *** https. ** ** *** easier ** ***** ** would ********** ****** **. "
  • ****. *** ** *** systems *** ***** ** an ******** *** *** cameras ****. **** ** through *** ********* *** for *** ****** *** do *** ***** *** outside ****** ******* **. We *** ********* ** control *** ****** *******."
  • "**-**%. ** **** ** our ***********, *** ****** aggregation *******, ** **** physically ********* *** ********."
  • "****** *** *** ****** networks *** ** * secure *******, ******** **** clients (***** ********) *** isolated **** *** ******** (in *** *****)."
  • "** ****'* *** ***** as *** ******* ** deploy *** ******** *******, no ****** **** *******. If **'* ********* *** them ** ** ******** from ******* **** ** deploy *** ****** ** some ***** **** ** secure ******."
  • "*% * ****** *** a ********* **** *******, and *** *** ******* switches *** *********, ** there's ** **** ** secure *** ************* ******* the ******* *** ***'*"
  • "*...*** ******* *** ****** networks *** ****** ********** via * ******** *** card"
  • "**** - *** ** the ******* ** ******* are **** ** *** LAN ** ** ***'* bother **** *****/***."
  • "****. *** ******** *** completely ********** **** *** outside ********** ** **** point. **** *** ****** in *** ******."
  • "*** **** ** ** automatically ****. ******* ** they ** ** ************* it **** **** *** better ********. ** ********* don't ***** *** ***** because ** ** **** consuming *** *** **** are ****'* ******."

Customer ** ******* ************ ******* ***

*** **** ****** ******** related ** *** ***** is ** ** *** used *** ** *** customer ** ******* ******** it (** ***). **** of *** ******** ******* why ** *** **** were *** ******** ******, PCI ********** *** ** policy ***********:

  • "**% **** ** **** our ********* *** ********* now."
  • "*. **** *** *** been ********* ** *** customer *** ***** *******."
  • "**%. ********** ******** ***********."
  • "****. ** **** *** had **** *********** ********* for *** ********."
  • "** ***'* *** ** since ********* ***'* *** for ****. ** *** we ****'* *** *** security ********."
  • "**-**%. ** ******** ***** this ****** **** **** required ** ******** ******* policy"
  • "*** ******** ** *** industry / ******"
  • "**** ** ******* ** this ****. ********* ** are ******** ** **** on ***** ** ** able ** **** ******** audits *** *** **********."
  • "***. ** **** ** a ********* ******** ************** environment, ** **'* ******* to **** ** **** security ****** *** *****"
  • "*** ********** **-**% ** commercial ************ **** ********* by ***** ** ***** for ********* ********."
  • "** *** * ****** method ** ******* *** cameras. ***** ** *** easiest. ***** ********* **** a ****** ********** * standard ***********."
  • "**** **** ********* ** customer"
  • "*%. *** ********* ** customers (****** ** ***** local ***) *** ******** in ***** *** ********** is **** ******* ** benefit"
  • "***%. ****** ********. **** customers *** *** *****/*** they **** **** *** safer **** *********."
  • "**% ***** ********* **** dedicated ** *******....*** ****** security ****** ***** **** to *** *****"
  • "** *** ***** *********** it ***-***** ******** *********"
  • "** **** ***** **** it ***. *** ******* customer *** **** ****** concern *** ******** ** the ***** ****** ***** we ******* * ******** network *** *** *****. The **** **** ** see ** *** **** access ** *** ***."

Not ***** - *** ****** *** *******

*** ****** **** ****** reason *** *** ***** HTTPS *** *** **** and ********** ** ************ it ** *******.

***** *** ************ **** a ***** *********** ********* can **** ~$*** *** domain/customer, ***** ***** ********* only ** ******** *** client *********** ******* ** the ********. ******* *** Servers *** ******* ****-****** certificates ** *********** ********, however, ****-****** ***** *** be **** ****** **** certificates ********* **** * Certificate *********, *** *** potentially **** ******* ** create *** *****.

*****, **** ** ***** responses **** ***** **** the ******* ****** ** installed ** ** ******** network, **** ** ******** access:

  • "**** - *** ****** and **** ** * SSL. *** ******* ****** be ** * ******* network *** *** ******* to *** ***."
  • "**** ****** ******* **** ssl **** ** *****. We ******* *** ******* onto * ******** **** and *** *** ***** to ******* ****. *** cameras **** **** ** see *** ****** ** they ****** ** ********* off *** ********. *** server **** *** ** protected ** ******** ******** access *** ****** ****** to **** *** ******* needed ** ****** ** all."
  • "****, ******* ** *** way ****** *** ***** on ****. *******, ** is * *** **** for **** ** **** the ******."
  • "**% **** *** ** those ***** **** ** slower ** ***** **** it ******** ****** **. Haven't **** **** ** the **** ******** **** of ***** **** ***** is ****** ** *********."
  • "*. ******* *********** ***** does *** ******* ************, and ********/*************** ******* *** be *******."
  • "*% ******* ** ****** all ****** ** ****. Because ***** **** *********** that **** ***** ****."
  • "****. ** *** *** been ** ***** ** our ******** *** ****** captive ****** ********* *** VPN's. *****/*** **** ********** and *** **** ****** that ** ***** ****** not **** **** ****** absolutely *********."

********** ******* ****** *********** Limited

**** *** ********* ***** company ****** **** ******** the *** ** *****:

  • "*** ********* ** ****** have *****/*** ************ ****** and ****** **** *** the ************ ** *** security ******* ******."
  • "***% - * ***'* mention ** ** *** customer. ** ** **** it ***** ** **."
  • "*** ********, ***** **%. An ***** ***** ** security **** ******* ******, why ***?"

Comments (3)

* ***% ***** **** SSL/TLS ** *** *** to ** *** ******** ****, ******* ** should **** ** ***** that **** *** ***'* support ******* ********* ** this ***.  

** ********, ** **** increase *** ****** ****, possibly ********** *** ****** of ******* *** ******.

**** ******* ** *** encrypt *** ***** ******, rather ********** **** *** API & *** **** data.  *****, ****** **** encrypted ** ** **********.  Check **** **** ****** manufacture *** *** ** find *** *** *** combination ** *********.  

****, **** **** ** test *** *** *********** of * ****** **** HTTPS *******.  **** **** that ** ******** ** it ******** **** - webpages ***'* **** ****, video ***** **** *****'* drop, *** ***** ********, such ** *** ****'* limited.  * **** **** cameras **** **** ***** as * **** ** win * ***, *** it ****'* ******** ** ******** be ****.  *** *** page ****** **** ** slower **** *** **** enabled.

*******, *** *** ****** NOT ***** **********, ** is ******* ********* **** usernames *** ********* *** always **** ***** ****** authentication (* ***** **** of **********, **** **** HTTPS ***), *** *** clear ****.  **** ******* default ** ***** ****, which ****** ******* ** sniff *** ******* *** easily *** *** ********.   I **** **** **** cameras **** **** * selection ** *****, ******, or ****.  *** **** option ** **** ** weak ** *****.  ** attacker ******** ** *** authentication ******* **** **** only ******* ***** **************, and **** ** ****** them ** ******* ****** authentication.

***** ** ***** ** you *** *** ***** support ** * ****** option ****** *** ****** finder. ** ** ********* for **** ****** ********** clients. 

** *** *** ***** HTTP ** *** ********** network **** ** ** is ******* - ******** well, **** *** ***** as **** *** ******. GG.

**** **** *** *** has *** ****, **** network/their ******* *** **** own **** *******. ** is *** **** **** to ****** ******* **** a ******** ***. * have **** ** ******* more ****** *** ****** than * ****** ******* over ****** ******** ***** everything ********* *** **** expired *** ****** **** techs ******* **** * low **** *** ****** crying ***** ***** ***** and *********, *** ******* to *** ******.

*** **** *** ** by ************* ************** **** managing *** ****** ************ as * *******. ******** Integrators **** ** **** up ** **** ** the ** *** ***** rather **** *** ****** with * **** **** and **** ***** **.

**** ****** ** **** will **** **** ***** reverse ***** *****!

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

IP Camera Installability Shootout 2019 - Avigilon, Axis, Bosch, Dahua, Hanwha, Hikvision, Uniview, Vivotek on Dec 09, 2019
What are the best and worst cameras to install? Which manufacturers make it the hardest or easiest to install their cameras? We tested 35 total...
Viisights Raises $10 Million, Behavior Analytics Company Profile on Dec 09, 2019
Viisights, an Israeli AI analytics startup marketing "Behavioral Understanding Systems", announced $10 million Series A funding. We spoke to...
Vunetrix Health Monitoring Company Profile on Nov 26, 2019
Vunetrix boasts that they make the integrators the 'HERO' by using Vunetrix's monitoring. We spoke to Vunetrix to better understand their...
Top 2020 Trend - AI Analytics on Nov 22, 2019
170+ Integrators answered: What do you think will be the top industry trend in 2020? Why? For the 4th year in a row, AI/video analytics was...
Top Manufacturers Gaining and Losing 2019 on Nov 18, 2019
2019 has been an explosive year for video surveillance, with the world's two largest manufacturers, Dahua and Hikvision, being sanctioned for human...
ADT Stock Surges - "Leading The Commercial Space" on Nov 15, 2019
Don't call it comeback... but maybe call it a commercial provider. ADT, whose stock dropped by as much as 2/3rds since IPOing in 2018, has now...
Open vs End-to-End Systems: Integrator Statistics 2019 on Nov 11, 2019
Preference for open systems is on the decline, according to new IPVM statistics. We asked integrators: For video surveillance systems, do you...
Biggest Low Light Problems 2019 on Nov 08, 2019
Over 150 integrators responded to our survey question: "What are the biggest problems you face getting good low-light images?" Inside, we share...
Axis Cracks Down On Illicit Channel Sales on Nov 01, 2019
Axis has stepped up efforts to crack down on illicit channel sales according to various industry sources, though, Axis denies this. Online sales...
Remote Access (DDNS vs P2P vs VPN) Usage Statistics on Oct 25, 2019
Remote access can make systems more usable but also more vulnerable. How are integrators delivring remote access in 2019? How many are using...

Most Recent Industry Reports

IP Camera Installability Shootout 2019 - Avigilon, Axis, Bosch, Dahua, Hanwha, Hikvision, Uniview, Vivotek on Dec 09, 2019
What are the best and worst cameras to install? Which manufacturers make it the hardest or easiest to install their cameras? We tested 35 total...
Viisights Raises $10 Million, Behavior Analytics Company Profile on Dec 09, 2019
Viisights, an Israeli AI analytics startup marketing "Behavioral Understanding Systems", announced $10 million Series A funding. We spoke to...
Disruptor Wyze Releases Undisruptive Smartlock on Dec 06, 2019
While Wyze has disrupted the consumer IP camera market with ~$20 cameras, its entrance into smart locks is entirely undisruptive. We have...
Bosch Budget 3000i Cameras Tested on Dec 05, 2019
Bosch has long had a hole in its lineup for, as it describes, "competitively-priced cameras". Now, Bosch has released its 3000i series cameras...
Anixter Resisting Takeover From Competitor on Dec 05, 2019
Mega distributor Anixter is going to be acquired but by whom? Initially, Anixter planned to go private, being bought by a private equity firm....
Security Sales Course 2020 - Last Chance Save $50 on Dec 05, 2019
This sales course is customized for the current needs and challenges specific to professionals selling video surveillance and access control...
Ireland National Children's Hospital Chooses Hikvision End-to-End With Facial Recognition on Dec 05, 2019
The world's most expensive hospital project ever, the New Children's Hospital in Ireland, has chosen an all-Hikvision surveillance system including...
AVTech ~$70 IP Cameras Tested Vs Dahua and Hikvision on Dec 04, 2019
Taiwanese manufacturer Avtech is taking direct aim at low cost leaders Dahua and Hikvision with ~$70 starlight and white light illuminator...
Ultinous European Analytics Startup Company Profile on Dec 04, 2019
European analytics-startup Ultinous pitches customers to "Have your own video analysis service!" We spoke to Ultinous to better understand their...
Access Startup Multi-Mount Aims To Streamline Reader Installs on Dec 03, 2019
Startup Multi-Mount claims it makes installing access readers 'Fast', 'Secure,' and fit 'any size frame.' The company states its bracket 'fits most...