Products
Security and Surveillance Synergy Software Cloud Evidence Locker Storage IP Cameras
COEX Cameras Hazardous Area Safe Area and Marine Thermal
Industries
Casinos
Cities
Education
Healthcare
Oil & Gas
Prisons
Stadiums and Venues
Tourist Attractions
Transport
Utilities
Resources
Blogs Case Studies eBooks Tech Notes
Webinars White Papers Videos Literature
Support
Technical Documents End of Life Notices
Technical Support How-To Videos
About
Careers Offices Integration Partners Services
News Contact Who We Are Subscribe
Contact
Investor Relations

Products

Security and Surveillance

COEX Cameras

Industries

Cities

Casinos

Oil & Gas

Education

Healthcare

Prisons

Tourist Attractions

Stadiums and Venues

Utilities

Transport

Support

Technical Documents

How-To Videos

Technical Support

End Of Life Notices

Resources

Blogs

Case Studies

eBooks

Tech Notes

Webinars

White Papers

Videos

Literature

About

Careers

Offices

Integration Partners

Services

News

Who We Are

Subscribe

Contact
Home - Resources - 4 Things You Should Know About Video Encryption

Blog

4 Things You Should Know About Video Encryption

Published:

July 2023

Encryption is an important component of your overall cyber security infrastructure. Here are four ‘encryption essentials’ to help keep your surveillance data safe and secure.

Encryption is an important component of your overall cyber security infrastructure. Here are four ‘encryption essentials’ to help keep your surveillance data safe and secure.

1. Don’t overlook encrypting ‘data at rest’

There are two types of data. For instance, data in transit travelling from the camera to the server or is sent to the cloud. And data at rest, referring to surveillance data held on servers, evidence lockers, storage devices etc.

The former is typically considered the greater security risk for CCTV systems, the fear being that hackers can more easily intercept surveillance data while it is ‘moving’. But often, data held is potentially deemed more valuable, with would-be hackers thinking it’s “kept for a reason”. Encryption measures should be employed in both cases.

2. Know what encryption strategies your system provider employs

Your surveillance solution provider should employ a mixture of encryption techniques to keep your data safe, so knowing what to look out for is useful.

AES-256 is regarded as the gold standard for data encryption and is typically, but not exclusively, applied to data at rest. This is often paired with secure transport protocols such as HTTP encryption (HTTPS)  – something all internet users will be familiar with – and Transport Layer Security (TLS), a transport protocol that provides end-to-end security for data in transit over the internet. Make sure your provider is using TLS v1.2, at least.

3. Encryption is not the same as ‘hashing’ (but both are vital!)

Encryption is a two-way process to maintain data security. It is designed to be reversible. Data is encrypted with a specific encryption key and returned to its original state when an authorised individual uses an agreed decryption key.

By contrast, hashing is a one-way process for data validation. Once a Secure Hash Algorithm (SHA) has been applied to surveillance data it creates a unique number. That number will only change if the data concerned has been altered somehow, making hashing vital for things like evidence validation. Both should be employed as part of any surveillance system.

4. It’s important to encrypt your system set-up

One area of encryption often overlooked is system configuration. It’s all very well encrypting data at rest and/or in transit, but that information is still vulnerable if someone knows how your system is configured. It’s like creating a pattern lock for a phone and then leaving a post-it note reminder on the device.

Most surveillance systems will offer manual encryption, but the best option is to select a solution that provides system configuration encryption by default. It’s also worth looking for solutions that monitor configurations and system activity to flag potential security risks, e.g. password vulnerabilities.

Surveillance at the Edge Explained

Explore

Understanding Product Certification

Explore

Is Your Surveillance Solution Cyber-Secure?

Explore