IPVM Site Goes All HTTPS, Largest 3 Manufacturers Do Not [Axis Fixed]

Author: John Honovich, Published on Jul 12, 2016

IPVM.com now serves all pages over HTTPS to improve security and privacy. However, a number of video surveillance manufacturers do not, including the largest 3. We review both of these items, including notable manufacturers lack of support in this report.

Moving to All HTTPS

HTTPS encrypts connections between a visitor and a server / site like IPVM. This reduces risk against attacks, tampering and eavesdropping when visiting a site. 

HTTPS everywhere is a rising trend. Historically, HTTPS was used only for specific pages on a site, such as login / authentication and sending of specific sensitive information. Over the last few years, technology leaders have increasingly shifted to using HTTPS for all connections. In particular, Google is campaigning for "HTTPS Everywhere".

Adding EV Certificate

In addition to serving all IPVM.com pages over HTTPS, we have obtained an Extended Validation (EV) Certificate. This goes beyond simply using an HTTPS connection, adding an identity validation process (where a certificate authority manually verifies an organization)  to provide further assurances to our visitors.

Now, IPVM pages show an additional Green bar on Chrome, signifying our EV certificate, before the URL entry like so:

 

This is similar to the security / assurances large corporations provide, e.g., here is Bank of America:

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

Benefits

While there are always cyber security risks and HTTPS is not a cure all, we expect implementing HTTPS site wide and adding an EV certificate to improve security and privacy when viewing IPVM.

For those wanting more direct benefits, Google indicates potential SEO / search traffic improvements for sites using HTTPS.

Moreover, the process of doing this was not particularly hard. Even a site with as many sections / elements as IPVM took less than 40 hours total to do the migration, solve any bugs in the transition and get the EV certificate added.

Industry Support

However, quite a number of large industry players do not.

No Default HTTPS

Of the manufacturers IPVM most frequently covers, here are those who do NOT default to HTTPS:

This includes the 3 biggest manufacturers in the world, companies one would expect to be on the forefront of things like that (Hikvision and their 5,000 engineers, Axis and their cybersecurity marketing, etc.)

UPDATE and Axis Warning

Not only does Axis not use HTTPS by default, they do not use HTTPS on their login page. This presents a risk of one's password being stolen before it is submitted via HTTPS. This is demonstrated at StealMyLogin. [Hat tip U1, who called this out in the comments]

Unfortunately and ironically, Axis requires this insecure login to access firmware to solve their critical security vulnerability (which we strongly recommend you do).

[Update Nov 2016: Axis has added HTTPS for their login page.]

Yes Default HTTPS

By contrast, here are some manufacturers that DO default to HTTPS:

Distributors

Both ADI and Anixter default to HTTPS. Surprisingly, PSA Security, who is heavily marketing cybersecurity, has not. Additionally, Tri-Ed has not either.

Associations

ASIS defaults to HTTPS and has an EV certificate but SIA, who is also heavily marketing cybersecurity, has not.

Trade Magazines

None of the 7 trade magazines we checked had defaulted to HTTPS though, in fairness, they are still focused on print.

Outlook

Larger organizations that have lots of customers should default to HTTPS. We definitely expect many more manufacturers to do so. 

If you have more information or you company has moved to site-wide HTTPS, leave a comment so it is noted.

Comments (37): PRO Members only. Login. or Join.

Related Reports on Marketing

$10,000 Free VMS Licenses For New Dealers IPConfigure on Mar 29, 2017
Another gimmick or a real deal? The company that brought 'Unlimited' Enterprise VMS License for Just $32,000 and a cannon to ISC West are back with...
Hikvision Hires Crisis Communication Writer on Mar 21, 2017
Hikvision has hired a crisis communication writer as the company ramps up its efforts to deal with the 'crisis' it feels it is facing. 'Crisis...
Avigilon Favorability Results on Feb 27, 2017
One of the fastest growing companies has turned into one of the rockiest, as cooling growth, management turnover and a roller coaster stock price...
Hitachi Taking On Security Industry on Feb 09, 2017
Hitachi, bigger than Sony and Panasonic overall, with $89 billion USD 2016 total revenue, is expanding into the security industry. They are...
IPVM For PR / Marketing People on Jan 25, 2017
This post helps PR and Marketing people understand and productively work with IPVM (as much as possible given our independent, often critical,...
Sony Misleading Marketing Hides Cracked Backdoor on Jan 25, 2017
Sony is attempting to deemphasize the severity of the backdoor uncovered in Ipela cameras. Meanwhile, IPVM has verified that the root password for...
PR Firm Pleads Don't Scrap PR Spending on Jan 20, 2017
PR is not dying, warns pleads PR firm. Take 40+ year old industry PR firm LRG, who recently lamented the 'misconceptions' that: Traditional PR...
Dahua UnFavorability Results on Jan 19, 2017
Dahua, the mega-Chinese surveillance manufacturer not primarily owned by the Chinese government has been trying to break out of the shadow of...
ADI Battles Manufacturer Partners on Jan 11, 2017
ADI is battling their manufacturer partners, building up their own competitive house brand W-Box, while manufacturers still fund ADI's business...
Exacq 3 Co-Founders Exit on Jan 10, 2017
Exacq co-founders David Underwood and Daniel Rittman have exited the company. UPDATE: And a 3rd co-founder is now also leaving. In this note,...

Most Recent Industry Reports

Last Day Save $50 - IP Networking Course on Mar 30, 2017
Last Day to Save $50 on the May IP Networking Course. This is the only networking course designed specifically for video surveillance...
Dahua Manager: Lots of Backdoors Beyond Dahua or Hikvision on Mar 29, 2017
A Dahua technical manager has fired back at criticisms of Dahua's backdoor, posting publicly what many at Dahua have privately been saying for the...
$10,000 Free VMS Licenses For New Dealers IPConfigure on Mar 29, 2017
Another gimmick or a real deal? The company that brought 'Unlimited' Enterprise VMS License for Just $32,000 and a cannon to ISC West are back with...
Genetec and Axis Power Comcast's SmartOffice on Mar 29, 2017
Comcast has more than 20 million subscribers and $80 billion in revenue. Now Comcast is partnering with Genetec and Axis to deliver a...
IP Cameras Lose Buy America Protection on Mar 28, 2017
IP Cameras have lost the US government's 'Buy America' protection as the Security Industry Association (SIA) successfully lobbied the government to...
2Gig Intrusion Megatest (GC2 & GC3 Panels Tested) on Mar 28, 2017
2Gig is one of the most widely used intrusion systems, with two product lines that are the main offering of many alarm companies, huge national...
Anixter Favorability Results on Mar 28, 2017
Anixter's direct sales and integrator anger about it has been in the news recently: Anixter / Bosch Sells Direct to Amazon Anixter Touts...
Chinese Government Spies on Churches With Video Surveillance on Mar 27, 2017
The Chinese government is using video surveillance to spy on churches in China, reports UCANews, explaining: The [Chinese government]...
Hanwha Wisenet X Tested on Mar 27, 2017
Hanwha has released their latest generation, the Wisenet X series, powered by their new Wisenet 5 processor. This new series claims improvements...
Burglar Alarm Sirens Guide on Mar 27, 2017
Sirens are used to alert users to an alarm condition. In this note, we examine how to choose, locate, and install alarm sirens, including Siren...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact