Residential Video: How Secure Can It Be?
The use of video surveillance equipment for residential installations is on the rise. But as dealers install more residential video systems, they also need to be aware of the unique concerns involving the security of that equipment and its connection to the outside world and take appropriate measures to protect their customers’ privacy and security.
Several factors are driving the increased popularity of video surveillance in the residential market, including a decrease in equipment prices and the increased availability of 3G cellular services that make it easy for owners to look in on their homes from handheld devices.
“It’s another way to check their home when they’re away,” comments Bill Boodman, president of Bill’s Sound and Security, a Costa Mesa, Calif.-based dealer.
People also like to use remote viewing capability â€” from a handheld device or desktop computer â€” to see what their pets are doing or, in the case of a second home, what the weather is like.
Demilune/Audio Labs, a Des Moines, Iowa-based systems integrator, now sells video surveillance capability with three out of four of its home automation installations. When video is tied in with home automation, homeowners can see what’s going on outside their home from their television â€” a capability that is popular with people whose spouses travel frequently, notes Harry Aller, Demilune/Audio Labs’ owner.
Although security dealers interviewed for this story say most residential customers who have video surveillance equipment also have alarm systems, those systems usually aren’t sold together. Instead, the video is added later and typically isn’t monitored by the central station. Some people don’t like the idea of central station operators being able to get such a close-up view of their home. Others simply don’t want to pay for video monitoring. Their real motivation for buying video is their own remote viewing capability.
The residential integrators of these projects say that other than concerns about the central station, most homeowners are not concerned about the security of the video connection itself. Nevertheless, dealers should be aware that certain risks do exist. The cameras or digital video recorders used for residential video installations typically use the Internet protocol for communication and as such can be at risk of problems, such as hacking.
Although the integrators interviewed here have not seen any extreme examples of this, they all agreed that it’s important to take appropriate steps to prevent such occurrences and to inform customers about how they should and shouldn’t use video surveillance.
9 Ways to Make Video More SecureHere are nine different ways residential integrators can make equipment and connections installed in residential video applications as secure as possible.
1. Check the security of the customer’s existing broadband connection.
Today’s video surveillance systems rely on the customer’s broadband connection â€” typically a DSL or cable modem that also connects the customer’s home computer to the Internet. Todd King, president of New Tech, a Missoula, Mont.-based security dealer, makes sure that the computer has appropriate firewall protection and, if not, advises customers to address that requirement before connecting any video surveillance equipment to that connection.
2. User passwords should be used appropriately.
“People should change their password every few months,” advises Preston Colston, vice president for Global Surveillance LLC, a Salt Lake City-based dealer. “And they shouldn’t use passwords that people could easily guess.”
3. Use administrative passwords appropriately.
If clients just want to be able to play back and view video, they may not need an administrative password. But if a client is technology savvy and wants to have the administrative password, technicians at Phoenix-based dealer Morgan Security & Sound will give it to him. “We also add one for ourselves with their permission,” notes Ron Koistinen, co-owner of Morgan Security & Sound. Typically the company also gives homeowners a record of that password, cautioning them to store it in a safe place in the event that the customer may one day go to a different security company.
4. Consider using cameras only outdoors.
If the security of an outdoor camera were to be compromised, hackers would simply get a view of areas that typically are not totally private anyway. But because of the threat of hacking, installers may want to avoid installing cameras indoors unless there is a compelling reason.
5. Consider a kill switch for indoor cameras.
Some customers may have an important reason for installing one or more indoor cameras. For example, a Demilune/Audio Labs customer wanted the ability to check on her pets when she was not home. To give her that ability but also help ensure the client’s privacy, the integrator installed a switch to cut power to the indoor cameras that the client can use when she is home.
6. Consider using a hardwired solution.
Because wireless communications are easier to intercept than wired communications, several dealers we spoke with recommend using hardwired components for residential video installations as much as possible. “We only use wireless if a hardwired system isn’t practical,” said Jeff Scheurman, chief operating officer for Global Surveillance.
7. Provide a means of physically protecting cameras.
Video cameras can be vulnerable to vandalism, so dealers should mount them where they will be difficult for vandals to reach. When Demilune/Audio Labs installs video surveillance in combination with an HAI alarm system, the system can be set up to start recording the minute an intruder walks in the front door. “It will take a snapshot of all the cameras and e-mail it to the owner,” Aller explains. “That way you’re getting images off-site so if the intruder decides he has time to get to the DVR, the e-mail has already been sent.”
8. Restrict inbound and outbound communications
to appropriate port numbers.
“If we’re connecting to a client site, we put in our IP address and a specific port,” notes Brad Humphries, vice president and director of operations for Mishawaka, Ind.-based Indiana Security Systems. Using that approach, he says, “the system can’t be accessed from just any port â€” we do the same thing for the client’s office and cell phone.”
9. Consider a higher level of encryption for higher-security installations.
For installations requiring a higher level of security, dealers should consider equipment that can provide a higher level of encryption.
Higher Level Encryption Helps Secure Virtual DoormanVirtual Service, a New York City-based security dealer, offers a monitored residential video system for apartment buildings aimed at enhancing security and eliminating or minimizing the need for a doorman. Marketed under the name Virtual Doorman, the system integrates video with access control so that, for example, a central station operator can respond to package delivery people â€” confirming the delivery person’s identify via video, unlocking the front entrance and watching the person put down the package and leave the premises. Cameras also may be installed in public areas such as laundry rooms and roof decks.
“Our sweet spot is buildings with between five and 100 units,” explains Colin V. Foster, vice president of sales for Virtual Service. Because the systems are so extensive, Virtual Service wanted to provide a higher level of protection against hackers than some other security systems provide.
“Each of our sites uses a VPN tunnel with triple DES encryption,” Foster describes. “Theoretically it makes hacking impossible.”
Noting that “impossible” may be too strong a word, Foster says, “It certainly makes it exponentially more difficult.” As a result, he says, would-be hackers are likely to move on to a different location with fewer safeguards.