Seeing off the Cyber threat
Our grandparents’ generation will tell us they lived in areas where they could leave their front doors unlocked when they went to work or at night. Sadly, those days have gone and every home nowadays will be securely locked, with many equipped with intruder alarms or even video surveillance. Security in the business world has also had to reflect changes in society with investment needed in the latest electronic security technologies in order to protect property, people, data and assets.
With increased migration from legacy analogue systems to IP network based solutions, there is the added threat to the integrity of the actual systems that are supposed to be offering protection. This threat can come via the security systems’ ‘back door’. More about this later, but there is a shared responsibility for cybersecurity; product vendors, integrators and end users all play an important role.
The introduction of IP network security solutions has delivered significant benefits, not the least of which has been the ability to integrate a wide range of security, building management and business intelligence systems. The result had been to deliver a far more powerful, effective, and easy to use solution that enables businesses to identify opportunities to be more productive, ensure compliance with health & safety policies and help security personnel keep one step ahead of thieves, vandals and saboteurs.
The potential downside to IP based systems is that they are targets for cyber attack and there have been many incidents over recent years of security systems being compromised by the determined efforts of individual opportunistic hackers, as well as organised criminal gangs, who have succeeded in obtaining access to confidential data or video.
You may be involved in mission critical activities which demand a high level of security or you may be a small business owner with a small number of fashion stores. Either way, malicious cyber attacks can have dire consequences.
Johnson Controls, Cyber Solutions Product Security Program
The threat to the reputation of the electronic security industry and more importantly, the potential consequential loss to our customers, has fully justified the significant efforts made by Johnson Controls’ design engineers to ensure the credentials of security solutions is our number one priority.
The Johnson Controls, Cyber Solutions Product Security Program is a holistic approach to Cybersecurity for physical security products. It has been developed with the benefit of experience of providing high security and mission critical solutions to Government and multi-national customers.
The program takes on-board feedback from IT, security professional and cybersecurity experts in order to combine best practice during the product development, testing and evaluation process, as well as configuration guidelines for compliance in order to protect our physical security products from attack, damage, disruption, unauthorised access or misuse.
The holistic methodology to this program is designed to give installers, systems integrators and end- users the confidence that Johnson Controls has minimised the possibility of introducing vulnerabilities into its Tyco branded electronic security solutions. The cybersecurity mindset is applied across the entire Tyco security solutions portfolio which includes Software House access control solutions, American Dynamics video management systems, and Illustra IP cameras.
The Back Door
An unsecured IP camera or access control device serve as point of access where a hacker can penetrate a security system as it offers the opportunity for hackers to find a way onto a company’s network with the possibility to gain access to company confidential data, disable systems and disrupt operations. With this in mind, in addition to the testing conducted by our Cyber solutions team, we arrange for independent testing to be conducted annually on our products to ensure that any new firmware or software updates do not open the ‘back door’.
Johnson Controls understands that risk may increase as hackers find new ways to attack and products must continuously evolve to provide sufficient protection with the announcement of a new vulnerability. The Cyber solutions team is constantly monitoring a variety of sources, from the US National Vulnerability Database, to various media and professional sources to identify new vulnerabilities that may impact our cyber program-compliant products.
Want to know more? Visit https://tycosecurityproducts.com/CyberProtection/ to learn more about our Cyber Solutions Product Security Program