Dahua’s 7 Modules of Cybersecurity

According to Symantec, IoT attacks went up by 600% in 2017, leaving many feeling more vulnerable than ever before. Despite physical security measures, many organizations and individuals are unsure of what cybersecurity steps to take. Dahua’s 7 Modules of Cybersecurity are designed to protect sensitive information from digital intruders while keeping it simple for users.

 Identity Security

Identity security is a simple, but powerful, protocol made up of two components. Beginning with password security, this measure includes forced password setting after an initial log in, preventing access with default credentials after deployment. The second component is Digest Access Authentication, a credential exchange between device and client confirming user identity before sending ANY information.

Access Control

The second module, access control, automatically disables unsafe services, such as Telnet, SSH and FTP. HTTPS is supported for encrypted connection. Rights Management enables the administrator to limit the rights of each user according to need. Overall, this limits the vulnerability of a system by making highly-sensitive information available only to those who need to access it. Password anti-cracking actively monitors all log-in attempts, if the device detects cracking behaviors, the login request will be refused even if the credentials are correct. Packet Filtering is a firewall technique which monitors incoming and outgoing traffic and filters out unwanted payloads.

When understanding access control, think of it like shutting all of the doors and windows to a home and watching to see if someone tries to pick the only lock available. Even after the “door” is safely opened, the system scrutinizes everything that passes through that point of entry.

Session Security

Once access is granted the communication session between user and host is monitored by time and credentials. This means that every user has a session credential after log-in, used for subsequent authentications. If the session goes dormant, or if the user attempts to request an invalid session credential multiple times, the system will flag and end the session. All sessions related to that specific IP address will then be forcibly logged out until authentication is proven.

Data Security

Data security ensures all sensitive data is protected by an advanced cryptographic key mechanism, allowing only authorized recipients to send and receive data. Simply put, the “digital envelope” housing the sensitive data can only be opened using both keys, guaranteeing only approved recipients can “read” it.

Protocol Security

Protocol Security uses industry standard protocols, many of which are open-source. Using protocols that are peer reviewed upholds standards and improves quality.

Security Audit

Involving improvements to the systems log, the sixth module focuses on logging changes to a system. Every alteration made to the system by any user, is logged for security purposes. Permissions to delete or change logs are greatly restricted, meaning only verified admins have this ability.

Special Security

The seventh, and final module for cybersecurity is special security. This measure ensures the integrity of firmware upgrade packages, guarding against any unwanted payloads.

While cybersecurity is still a point of pain for many, Dahua’s new systems with built-in protective measures, easily verified software and data security protocols aim to make the process less daunting. By taking meaningful steps towards securing surveillance equipment, organizations and individuals alike can better protect themselves from cyber threats.

 

Adopted May 2018