IPVM Site Goes All HTTPS, Largest 3 Manufacturers Do Not [Axis, Dahua Fixed]

Author: John Honovich, Published on Jul 12, 2016

IPVM.com now serves all pages over HTTPS to improve security and privacy. However, a number of video surveillance manufacturers do not, including the largest 3. We review both of these items, including notable manufacturers lack of support in this report.

Moving to All HTTPS

HTTPS encrypts connections between a visitor and a server / site like IPVM. This reduces risk against attacks, tampering and eavesdropping when visiting a site.

HTTPS everywhere is a rising trend. Historically, HTTPS was used only for specific pages on a site, such as login / authentication and sending of specific sensitive information. Over the last few years, technology leaders have increasingly shifted to using HTTPS for all connections. In particular, Google is campaigning for "HTTPS Everywhere".

Adding EV Certificate

In addition to serving all IPVM.com pages over HTTPS, we have obtained an Extended Validation (EV) Certificate. This goes beyond simply using an HTTPS connection, adding an identity validation process (where a certificate authority manually verifies an organization) to provide further assurances to our visitors.

Now, IPVM pages show an additional Green bar on Chrome, signifying our EV certificate, before the URL entry like so:

This is similar to the security / assurances large corporations provide, e.g., here is Bank of America:

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

Benefits

While there are always cyber security risks and HTTPS is not a cure all, we expect implementing HTTPS site wide and adding an EV certificate to improve security and privacy when viewing IPVM.

For those wanting more direct benefits, Google indicates potential SEO / search traffic improvements for sites using HTTPS.

Moreover, the process of doing this was not particularly hard. Even a site with as many sections / elements as IPVM took less than 40 hours total to do the migration, solve any bugs in the transition and get the EV certificate added.

Industry Support

However, quite a number of large industry players do not.

No Default HTTPS

Of the manufacturers IPVM most frequently covers, here are those who do NOT default to HTTPS:

This includes the 3 biggest manufacturers in the world, companies one would expect to be on the forefront of things like that (Hikvision and their 5,000 engineers, Axis and their cybersecurity marketing, etc.)

UPDATE and Axis Warning

Not only does Axis not use HTTPS by default, they do not use HTTPS on their login page. This presents a risk of one's password being stolen before it is submitted via HTTPS. This is demonstrated at StealMyLogin. [Hat tip U1, who called this out in the comments]

Unfortunately and ironically, Axis requires this insecure login to access firmware to solve their critical security vulnerability (which we strongly recommend you do).

[Update Nov 2016: Axis has added HTTPS for their login page.]

[Update April 2017: Dahua has added HTTPS for their website]

Yes Default HTTPS

By contrast, here are some manufacturers that DO default to HTTPS:

Distributors

Both ADI and Anixter default to HTTPS. Surprisingly, PSA Security, who is heavily marketing cybersecurity, has not. Additionally, Tri-Ed has not either.

Associations

ASIS defaults to HTTPS and has an EV certificate but SIA, who is also heavily marketing cybersecurity, has not.

Trade Magazines

None of the 7 trade magazines we checked had defaulted to HTTPS though, in fairness, they are still focused on print.

Outlook

Larger organizations that have lots of customers should default to HTTPS. We definitely expect many more manufacturers to do so.

If you have more information or you company has moved to site-wide HTTPS, leave a comment so it is noted.

Comments (44): PRO Members only. Login. or Join.

Related Reports on Marketing

Why 3VR Failed on Feb 16, 2018
3VR destroyed transformed ~$65 million in VC funding into a $6.9 million exit. The reason they failed is simple. They bet on analytics. They...
Convergint Damage Control on Feb 07, 2018
Convergint needs you to understand. When Convergint acquires companies, as they continuously do, it is an acquisition, e.g.: But when...
Canon Launches World's Most Expensive IP Camera (ME20F-SHN) on Jan 09, 2018
Canon has launched the ME20F-SHN , likely the world's most expensive single imager, non-thermal, IP camera at ~$20,000. And Canon subsidiary...
Testing $20 WyzeCam, The Money Losing Amazon Vet Startup on Dec 12, 2017
This startup is perfecting the old adage: We lose money on every sale, but make it up on volume But it is no joke. The company, Wyze Labs, is...
2018 Video Surveillance Cameras Overview on Dec 11, 2017
This report concisely explains the developments for surveillance cameras offered in 2017 and the state of offerings going into 2018, including...
Lighthouse Deep Learning Camera Tested on Dec 07, 2017
A Silicon Valley startup, Lighthouse, with a Stanford PhD CTO, has released a deep learning AI camera with 3D sensors for just $300. The company...
ASIS Dumps 'ASIS' For Show on Dec 06, 2017
After 60+ years, ASIS is dumping its eponymous show name and replacing it with 'GSX'. This is a classic marketing mistake. For a show struggling...
Security 101 / Axis Charity Contest on Nov 30, 2017
Integrator Security101 and manufacturer Axis Communications have teamed up for what they call the "Gift of Security", saying they "will...
Hikvision Chinese Government Owner CETHIK Exposed on Nov 20, 2017
Hikvision deceives about its Chinese government ownership. Contrary to their claims about 'independence' and simply having 'shareholders' that are...
Hikvision China Criticizes The WSJ on Nov 15, 2017
Hikvision, through the Chinese government's authoritative news service, has criticized the WSJ investigation into Hikvision. In this...

Most Recent Industry Reports

Why 3VR Failed on Feb 16, 2018
3VR destroyed transformed ~$65 million in VC funding into a $6.9 million exit. The reason they failed is simple. They bet on analytics. They...
"Fear Mongering": Hikvision USA Cybersecurity Director Dismisses Chinese Government Ownership Concerns on Feb 16, 2018
The facts are: The Chinese government created Hikvision and is Hikvision's controlling shareholder. Hikvision's Chairman, a Communist Party...
16:9 vs 4:3 Video Aspect Ratio Statistics on Feb 16, 2018
What aspect ratio do security integrators prefer? The 'standard' 4:3 or the 'wide' 16:9 one? 100+ integrators told us what they preferred, with...
Mercury Releases New Series 3 Redboard Access Panels on Feb 15, 2018
Mercury Security has their first major product release post-HID buyout, and things literally look different. The Series 3 SIO boards now are red...
Last Chance February 2018 Camera Course on Feb 15, 2018
This is the last chance to get into the Winter camera course, starts next Tuesday. Register now. IPVM provides the best education, live online...
Hikvision DeepInMind Tested Terribly on Feb 15, 2018
While Hikvision is heavily marketing deep learning and 'AI' as their next big thing, new IPVM test results of their DeepInMind NVR shows their deep...
Genetec CEO: You Cannot Buy Trust on Feb 14, 2018
Genetec's CEO, Pierre Racz, delivered a direct message at their channel partner conference: Racz has become a focal point in the industry debate...
Assa's Lowest Power Draw Maglock: Securitron M680E Examined on Feb 14, 2018
Securitron produces some of the most extreme maglocks on the market, including massively strong maglocks and even ones with integrated CCTV cams...
Hanwha Wisenet X 5MP Camera Tested (XNV-8080R) on Feb 13, 2018
Wisenet X is Hanwha's high-end camera line. We tested their Wisenet X 1080p camera last year. Now Hanwha is offering 5MP cameras listing super low...
Top Problems For Integrator Project Management on Feb 13, 2018
Security projects routinely encounter issues that jeopardize deadlines, create confusion, and shrink profits. Unfortunately, there are common...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact