Market Sectors

block 10


How Avigilon is Protecting Against Cyber Vulnerabilities

As the number of internet protocol (IP) connected devices in physical security systems increases, conversations about information security are a natural part of the sales process. Organizations such as the National Institute of Standards and Technology (NIST) are actively proposing an Identify-Protect-Detect-Respond-Recover framework for cybersecurity.
The NIST framework advocates the identification of key business risks due to cyber threats; the protection of data, devices, and services from these threats; continuous monitoring to enable detection of cybersecurity events as they happen; and the development of a clear response and recovery process.

The Three Layers of Avigilon Cyber Protection
The protection of data, devices, and services can be successful only if the network-connected software and hardware implement an appropriate amount of defensive measures to ensure integrity, confidentiality, and availability.

The integrity of a system is compromised when the software is maliciously modified or taken over by an attacker who has learned an administrator-level password. Software defects that permit buffer overflow, database code injection, and cross-site scripting vulnerabilities can also cause a loss of integrity.
Goal: To ensure data and the function of the system are not maliciously or inadvertently manipulated.
    •    No backdoor administrative or maintenance access accounts
    •    Signed and encrypted firmware
    •    Disabling access to the operating system
    •    Fully encrypted control communication
    •    Transport Layer Security Secure Remote Password (TLS-SRP) for client-server connections
    •    Automatic firmware updates

A system's confidentiality is compromised when users circumvent a system's access controls to gain unauthorized access to the data it contains. Most often, a breach in confidentiality is the result of an attacker guessing or obtaining a legitimate user's password to access the system.
Goal: To keep information private and secure.
    •    Centralized user control through Active Directory integration and/or parent/child user sharing
    •    Password strength enforcement
    •    Ability to bulk-change camera passwords from Avigilon Control Center (ACC)™ video management software
    •    Lock-out on multiple invalid login attempts

In addition to loss of confidentiality and integrity, the availability of a system and its data can be compromised by external attacks. These usually take the form of a denial of service (DoS) attack where an attacker bombards a system with requests. Although it is difficult to protect against all forms of these attacks, the effect is usually temporary.
Goal: To ensure system uptime and continuity of function.
    •    Progressive back-off on multiple invalid login attempts
    •    Separate, limited-access gateway for thin client (web and mobile) access to video
    •    802.1x device authentication

Download the Avigilon Cybersecurity Flyer PDF


Recent Videos

IntraLogic's official release of the "One Button" Lockdown system on CBS 2 News.
HID Global is opening the door to a new era of security and convenience.  Powered by Seos technology, the HID Mobile Access solution delivers a more secure and convenient way to open doors and gates, access networks and services, and make cashless payments using phones and other mobile devices. ...
Mobile device forensics can make a difference in many investigations, but you need training that teaches you how to get the most out of your mobile forensics hardware and software, and certifies you to testify in court. Read this white paper to learn how to evaluate mobile forensics training...
PureTech Systems is a software company that develops and markets PureActiv, its geospatial analytics solution designed to protect critical perimeters and infrastructure.  Its patented video analytics leverage thermal cameras, radars and other perimeter sensors to detect, geo-locate, classify, and...