How Does a VPN Make Your DMP Video Solution More Secure?
By Bill Dorman, C|EH
SecureCom Wireless Information Security Officer
May 9, 2019
With breaches at an all-time high and information security under heavy scrutiny, it’s important to understand what manufacturers of your “smart” devices are doing to keep you safe.
The “Internet of Things” is a term that encompasses a large subset of devices with largely varying functions. These include security systems, IP cameras, smart watches, scales, medical devices, appliances, and more. By the year 2020, it’s estimated that there will be more than 20.4 billion IoT devices online.
One serious concern with IoT is how manufacturers secure (or fail to secure) the devices they produce for customers. Some of the largest attack vectors against IoT devices include weak encryption methods, default passwords, and automatic port configuration.
The DMP engineering team works hard to intentionally and thoughtfully design our video products with your privacy in mind. From this intentional effort, the SecureCom EASYconnectVPN™ product offering was born. The EASYconnectVPN™ makes your video solution secure by adding a client access VPN to each video device, creating an encrypted tunnel between your device and the SecureCom servers.
In addition to the SecureCom EASYconnectVPN™, here are a few other unique things that the SecureCom/DMP engineering teams have done to protect your video privacy when you use select DMP Video products:
- Default Passwords – The SecureCom platform protects your video by ensuring that each and every IP camera has a unique username and password when it’s added to your Control System via Dealer Admin or the Tech App.
- VPN Connectivity – The SecureCom Video product enhances your security by transporting all control messages, live video streams, and clips via encrypted means. Specifically, live video is transported via a client access VPN using AES-256-bit encryption.
- No Port Punching – Many video devices that don’t make use of a VPN will automatically configure your firewall/router to open external ports on your public IP address, often without your knowledge. Without the persistence of a VPN tunnel, that is what is typically required to access your video device from the outside world. SecureCom Video devices do not open ports on your firewall.
- Ephemeral Auth Tokens – SecureCom video devices automatically regenerate new live video auth tokens every ten minutes. This means that even if someone were to capture and decrypt a video stream in transit between the SecureCom servers and your phone (which also uses TLS), a new randomized token would be generated within 10 minutes, forcing the attacker to start from scratch!
The following DMP Video products make use of these advanced security features:
- Model V-4408D - 8-Channel NVR
- Model V-4022C - Indoor Cube, 2 MP with Wi-Fi capability
- Model V-4052D - Indoor/Outdoor Fixed Dome, 2 MP
- Model V-4072MN - Indoor/Outdoor Mini Dome Camera
- Model V-5012B - Indoor/Outdoor Bullet, 2 MP
- Model V-5014B - Indoor/Outdoor Bullet, 4 MP
- Model V-5052D - Indoor/Outdoor Fixed Dome, 2 MP
- Model V-5054D - Indoor/Outdoor Fixed Dome, 4 MP
Questions and inquires related to product security features may be directed to firstname.lastname@example.org. Please direct all technical support related questions to TechSupport@DMP.com.