Colombia. Video surveillance and closed circuit television (CCTV) systems have spread throughout many sectors of the economy. From neighborhood stores, to military installations, through private companies and public entities, all have CCTV to improve their security, but in the same way that their use has become widespread, threats against the valuable information that is captured and stored by these systems have also grown.
For this reason, the protection of critical information, captured by a CCTV, begins from the moment of its implementation. According to engineer Camilo Sánchez, Regional Sales Manager of Pelco by Schneider Electric, "the first step is to make a general review of the system to check its proper functioning. There are checklists, where a series of tests are contemplated to which the system must be subjected when its installation is completed. Among them are, the verification of recording of all cameras, the configuration of recording agendas, the creation of users and security keys, as well as the tests of exporting videos to external media and livelihoods. "
At this stage, one of the most common mistakes is to leave the administration password that the teams bring from the factory by default because anyone will be able to enter the system at ease. The recommendation is to first change that password and use what are called strong keys, which combine letters, numbers and special characters. Additionally, firewall or firewall devices must be available in case the computers have internet access.
Regarding the physical location, the expert at Pelco by Schneider Electric advises: "Recording equipment should be located in a restricted access area and its shelves or racks under lock and key, in order to prevent any possible sabotage. The monitoring room of the recordings, these must have access control to prevent security personnel from being vulnerable to an assault and in relation to password protection must make use of the different levels or security profiles for each user, that is, the operator users must not have access to the system configuration. Only administrators should have these kinds of privileges."
Other practical recommendations to keep in mind are, first of all, to disable the UPnP (Universal Plug and Play) protocol of the cameras because it makes the devices visible to any user of a PC with Windows operating system on the network. Although said user does not have the possibility to enter the devices, if he can visualize and this can generate a potential security problem.
In all cases, it is necessary to have proven operational personnel and carry out a strict maintenance program to the equipment to ensure that its effectiveness is one hundred percent.
