IPVM Site Goes All HTTPS, Largest 3 Manufacturers Do Not

Author: John Honovich, Published on Jul 12, 2016

IPVM.com now serves all pages over HTTPS to improve security and privacy. However, a number of video surveillance manufacturers do not, including the largest 3. We review both of these items, including notable manufacturers lack of support in this report.

Moving to All HTTPS

HTTPS encrypts connections between a visitor and a server / site like IPVM. This reduces risk against attacks, tampering and eavesdropping when visiting a site.

HTTPS everywhere is a rising trend. Historically, HTTPS was used only for specific pages on a site, such as login / authentication and sending of specific sensitive information. Over the last few years, technology leaders have increasingly shifted to using HTTPS for all connections. In particular, Google is campaigning for "HTTPS Everywhere".

Adding EV Certificate

In addition to serving all IPVM.com pages over HTTPS, we have obtained an Extended Validation (EV) Certificate. This goes beyond simply using an HTTPS connection, adding an identity validation process (where a certificate authority manually verifies an organization) to provide further assurances to our visitors.

Now, IPVM pages show an additional Green bar on Chrome, signifying our EV certificate, before the URL entry like so:

This is similar to the security / assurances large corporations provide, e.g., here is Bank of America:

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

Benefits

While there are always cyber security risks and HTTPS is not a cure all, we expect implementing HTTPS site wide and adding an EV certificate to improve security and privacy when viewing IPVM.

For those wanting more direct benefits, Google indicates potential SEO / search traffic improvements for sites using HTTPS.

Moreover, the process of doing this was not particularly hard. Even a site with as many sections / elements as IPVM took less than 40 hours total to do the migration, solve any bugs in the transition and get the EV certificate added.

Industry Support

However, quite a number of large industry players do not.

No Default HTTPS

Of the manufacturers IPVM most frequently covers, here are those who do NOT default to HTTPS:

This includes the 3 biggest manufacturers in the world, companies one would expect to be on the forefront of things like that (Hikvision and their 5,000 engineers, Axis and their cybersecurity marketing, etc.)

UPDATE and Axis Warning

Not only does Axis not use HTTPS by default, they do not use HTTPS on their login page. This presents a risk of one's password being stolen before it is submitted via HTTPS. This is demonstrated at StealMyLogin. [Hat tip U1, who called this out in the comments]

Unfortunately and ironically, Axis requires this insecure login to access firmware to solve their critical security vulnerability (which we strongly recommend you do).

[Update Nov 2016: Axis has added HTTPS for their login page.]

Yes Default HTTPS

By contrast, here are some manufacturers that DO default to HTTPS:

Distributors

Both ADI and Anixter default to HTTPS. Surprisingly, PSA Security, who is heavily marketing cybersecurity, has not. Additionally, Tri-Ed has not either.

Associations

ASIS defaults to HTTPS and has an EV certificate but SIA, who is also heavily marketing cybersecurity, has not.

Trade Magazines

None of the 7 trade magazines we checked had defaulted to HTTPS though, in fairness, they are still focused on print.

Outlook

Larger organizations that have lots of customers should default to HTTPS. We definitely expect many more manufacturers to do so.

If you have more information or you company has moved to site-wide HTTPS, leave a comment so it is noted.

Comments (33): PRO Members only. Login. or Join.

Related Reports on Marketing

3VR Sales And Marketing Execs Out, Company Shifting on Nov 22, 2016
Two executives are out at 3VR, both after relatively short tenures at the company. 3VR's CEO says this is part of a shift to cover new markets....
Top Manufacturers Gaining and Losing 2016 on Nov 21, 2016
Hikvision has been the top gaining manufacturer in IPVM's annual integrator survey the past 2 years (see 2015 results and 2014 results). Can they...
Sony and Bosch Combine Forces on Nov 15, 2016
Two of the biggest brands in the video surveillance industry are joining forces. Following a wave of industry consolidation and the race to the...
Samsung Brand 'Phasing' Out For Hanhwa Techwin on Nov 14, 2016
The phasing out of the Samsung brand for video surveillance products continues. First, it was the corporate name changing from Samsung Techwin to...
Milestone Launches $50,000 Developer Contest on Oct 26, 2016
Milestone wants independent developers to enhance XProtect. In a hackathon-style contest Milestone is soliciting developers to submit ideas for a...
"WTF?!?!? Who is Brian Karas?!?" Exclaims Knightscope on Oct 21, 2016
Knightscope co-founder Stacy Stephens emailed us: He may not have intended to send it to us and he probably can figure out who Brian Karas is,...
IHS Sells Credibility To Manufacturer Sponsorships on Oct 18, 2016
A valuable manufacturer opportunity or a conflict of interest? Trade magazines have long offered promotional whitepapers and webinars to...
No Marketing Gimmick, Sharp Security Robot Targets Professional Market on Oct 17, 2016
Security robots are getting a lot of attention. Unfortunately, this is often for wrong reasons, most spectacularly highlighted by the Knightscope...
The 'Last Chance to Save' On Hikvision Is Here on Sep 29, 2016
It is over. After at least 8 across the board price cuts in the past 10 months, including an unprecedented back to back 20% off, Hikvision has...
How To Become an 'Expert' In An Hour on Sep 02, 2016
If you want to be perceived as an expert in your market, speak at every event possible... the math is simple: when someone stands in front of an...

Most Recent Industry Reports

Hikvision vs Dahua Mobile Apps Tested on Dec 07, 2016
With smartphone use and low-cost video recorders surging, many user's main interface to their surveillance system is their phone. With mobile video...
Paxton Drops US Reps, Plans Major Expansion on Dec 07, 2016
Paxton is gearing up to make a big run at  US access control success. The first step they have made is to cut all US Rep Firms, in anticipation of...
Axis Partner Elder Care Video Analytics (Smartervision) on Dec 07, 2016
Can video analytics be used to improve the care of the elderly? Axis and a video analytics startup, Smartervision, are working together to do so....
Power Drill Selection Guide on Dec 06, 2016
Boring holes is a basic part of running cables for most security system projects. To do so, you will need to choose the right drills for various...
Milestone Favorability Results on Dec 06, 2016
In our second installment of manufacturer favorability results (first was Pelco), we turn to Milestone. 100+ integrators rated and explained what...
XiongMai Master Password List Emailed By Chinese Spammer on Dec 05, 2016
XiongMai created an international uproar as their devices drove massive botnet attacks of major Internet sites. After pledging to recall cameras...
Hikvision Cloud Security Vulnerability Uncovered on Dec 05, 2016
A security researcher uncovered a critical vulnerability in Hikvision's global cloud servers. This vulnerability allowed an attacker to remotely...
Door Operators Access Control Tutorial on Dec 05, 2016
Doors equipped with door operators, specialty devices that automate opening and closing, tend to be quite complex. The mechanisms needed to...
Pelco Favorability Results on Dec 02, 2016
This is the first in a series of studies of manufacturer favorability. 100+ integrators rated and explained their views of each manufacturer. We...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact