Mobotix First CNPP CCTV Cybersecurity Certification Examined

*** *** ** **** and *** ** ***** certification ********? **** **** it ******* **? *** what, ** ********, **** this *********? **** ***** with ******* *** ******** several ******, *********:

• *********** ********
• *******'* ***** ** "********** to ******* *******"
• **** **********: ******* ****** Nonprofit
• *** "*********" *** **********
• ********* ** **** ******
• ********** ** **
• **********: ******* ****** ** Certifications

Certificate ********

******* ******** ***** "********* CNPP" ************ ************ *** different ****** ******, ** shown** *** **** *******:

***** *** *** *** cameras' **** ******:

• **** ********
• **** ************
• **** ********
• **** ****** ****
• **** ****** **
• **** ********

***** *** *** ***** certificates:

• ****-****-**** ***********
• ****-**** ***********
• **** ***********

******* **** **** *********** applies ** *** ******* cameras ****** *** ******** **** ****, ***** ** ******* more *****.

************

**** ** ************** ************* ************ *** is************ * ********* *********** ***. **** ******** ************ for * **** ***** of **********:

***** **** ** *******, is *** ****** **** the ****** ********** ******, for ******* ****-**************** ** ****** ****************, ******'* ******** ************** agency. *** ******* **** Certified ************ **** *** first-ever *** ***** ************ cameras,** *********:

How *** ************* *** ********

*** ******* *******' "********** to ******* *******" *** given * "***** *" score, ***** ** ****'* '** *****–*** **-**' ******* criteria:

***** *** * ***** of * ******, **** 0 ***** *** ***** and * *** ****. Level * ** *** minimum ** ****. ***** 2 ***** ** ***** one "*** ********" ************* was **********:

******* ********* *** *************** remaining ** ****:

• Camera *** *********: no 2-factor authentication; another level of complexity required for the password; users not informed of firmware updates.
• MxManagement ******: "limit connection trials to 20 attempts max per hour"
• MxManagement ****** *** *** *********: "currently, along with the software updates we provide 128 bits MD5 checksums. This is not following the ANSSI recommendations asking for at least 200 bits. SHA-256 or 512 should be used."

******* **** **** **** working ** ****** *****:

** *** ********* ******* on ***** *******. **** the ******* **** **** completed, ** **** ** re-certify ** ** ****** to ******* ***** * status.

*** ****** ******* ******* ************* **** ******** * mix ** ************* ****** analysis *** *********** *******.

Not '*********' *** '**********'

*******, ** *** ******** press ******* ******* ******* these **** ************ ******* a "*********":

**** ***** ******* ***** this ***** * "*********" is ********* ****** ****** ***** ******** **** Mobotix ******** ** **** never ** ****** ** will ****** ********* ** such * ********.

***** ** ******* **** out, ******* ************ **** "we ***'* ******** ********* there **** ** ** penetration ****" *** ********* there ***** ** ** monetary ************ ** **** of * ****. **** then******* *** ***** ********* "**********":

MOVE ******** **** ****, ******* **** **** *** ** *** ** ****

*******'* ***** ******* **** CNPP ***** *** *** cameras ****** "*** ** its ******* ***** ************ camera *******" ***** "*** complete * ****** ***** uses * ****** ********, without *** *********** ** the **** *********."

***** **** ***** *****,*******'* **** ****** ***'* **** ********* and **** ********* ******** so ** *** ******* by *** **** *************. However, **** *** *** disclosed ** *******'* ***** release. ** ********, ******* said:

** ******* ** *********** on *** *** **** of ******* ********* ** they ********* *** **** DNA ** *******.** *** end ** ** [******** year] **** ** *** planning ** *** *** MOVE ****** ******* *** same **** ************* *******.

Compared ** **

** ******** ************* ************* for **-********* ******** ** 2016 ******* ***** **** ******. ** **********,****** ********* **** ******** this ****, ******* *** its******** ****** ******** ***, *** *** ************ ***, ************ *** ***** ***** OEMed ***** ******.

** ******** ** *******, those ********* *** *** claim *** **** ** "guarantee" ** ***** *******. Additionally, *** ***** *** Genetec *** *** *** clearly ****** **** *** beginning, ** ******** ** Mobotix ******* *** *** MOVE ****** *** *** disclosing ****.

**** *************, **** *** limited ************* ** **** and **'* ********, **** seem ******* ** **** there ** * *** of ******* ******** *** penetration *******.

*******, ** ***** ** North *******, *** ** brand ** **** ****** known ***** **** ** not.

**********

******* ***** ************* ********* to ** ** *****. Companies *** *** ***** eager ** **** ********** claims, ********* **'** ******** recently **** **** (************ ****-***** ***** ***************** ******** *** *** GDPR *********, ** ******** Can **).

******* *************, ** ***** when ** ******** **** detailed ******* **********, *** be **********. ****** *** lack ** ******** ******* of **** ******, ** in *******'* ****, ** a *******.

**** *******, ******* *** bigger ********** **** *************, as *** ******* ********* to ******* ***** *** exit ** *** ******* who **** ******** ********* needed *******. ******* **** a *** ******** **** be ******** **** *** that **** ** *** to *** **** ****** Mobotix *** ** *** next ******.