Dahua Cyber Security

At Dahua Technology we understand the importance of network security, along with the confusion and concern it can often bring. We strive to keep our manufactured products as secure as possible, and to educate our customers and end-users so that they have the information they need to establish cybersecurity in the finished installation and end-user network.

Cybersecurity Challenges
Artificial Intelligence & Internet of Things (AIoT) collects data from different levels of the Internet of Things, and can be subject to big data analysis, AI or other technologies. Such technology combined with worldwide interconnectivity can blur  traditional cybersecurity boundaries, posing greater challenges to cybersecurity.

  • Diversity of devices: There are many kinds of devices, different hardware and software architectures, and uneven performance, which make the implementation of security protection measures difficult.
  • Multiplicity of communication protocols: Devices can use a large number of transmission protocols. The security features of these protocols vary greatly, resulting in uneven transmission protection capabilities.
  • Openness of network: The traditional network environment of hardware devices is relatively closed, and its security boundary is relatively controllable. However, in the AIoT environment, many devices are directly exposed to wide area networks. With the emergence of computer aided analysis (A.I.), this has lead to a diversification of attack methods and a greater range of threats

Product Security Center
In order to help users clearly understand the security status and capabilities of the device, the product security center will assist users to conveniently and quickly set up the right security configuration to suit the scenarios. General security capabilities include privacy protection, video encryption, security alarm, trusted protection, CA certification management, key management service, attack defense

If you have any questions or concerns, please contact us at CyberSecurity@dahuatech.com, or call our cyber security hotline at 877-609-1936.

Steps to Create a More Cyber-Secure Security System

Cybersecurity is more than just a trending topic; it’s a set of protocols and strategies designed to protect every device that is connected to the Internet. IP video surveillance systems are not immune to cyber risks, but taking simple steps toward protecting and strengthening your networks and network devices will make them less susceptible to attacks. Below are some tips and recommendations from Dahua on how to create a more cyber-secured solution:

Passwords

  • Should be at least 8 characters; Include at least two types of characters: upper and lower case letters, numbers and symbols. Keep it in a secure place you can easily get to.
  • Change passwords periodically
  • Set security questions and answers, and specify reset email

Allocate accounts and permissions appropriately

  • Appropriately add users based on service and management requirements and assign minimum permission sets to users.

Enable account lockout function

  • The account lockout function is enabled by default. Keep it enabled to protect account security. After multiple failed password attempts, the corresponding account and source IP address will be locked.

Update firmware when available

  • Device firmware should be updated to the latest version to ensure the latest functions and security are updated. If the device is connected to the public network, it is recommended to enable the online upgrade automatic detection function.

How to Create a More Cyber-Secure Security System for Your End-Users

It takes a few simple steps towards protecting and strengthening your client’s networks and network devices to make them less susceptible to attacks. Below are some tips and recommendations from Dahua on how to create a more cyber-secured solution:

Turn off non-essential services and use safe mode

  • If not needed, it is recommended to turn off some services such as SSH, SNMP, SMTP, UPnP, AP hotspot, Multicast etc., to reduce the attack surfaces.

Enable HTTPS/SSL

Enable IP Filter

MAC address binding

  • It is recommended that you bind the IP address of the gateway to the MAC address on the device to reduce the risk of ARP spoofing.

Build a secure network environment

  • Disable the port mapping function of the router to avoid direct access to the intranet devices from external network
  • Partition the network: if there is no communication demand between the two subnets, it is recommended to use VLAN, gateway and other methods to partition the network to achieve network isolation

Dahua has employed a baseline standard to ensure cybersecurity is a priority throughout product development. Learn more about our baseline below.

  • Physical Security: From the perspective of physical protection of the product itself, using actual physical structural means as a protective measure to provide a secure and reliable physical framework for the product.
  • OS Security: The operating system is the manager of resources, provides the basic operation environment for services, and constructs a secure and reliable fundamental operation environment through trusted computing, virtual technology, permission control and other technologies.
  • Application Security: Form a closed-loop security protection structure based on authentication, authorization and auditing to strengthen the self-security capabilities of the service function at the application layer.
  • Data Security: Based on cryptographic technology, the whole life cycle of data collection, transmission, storage, usage, sharing, display, copy, deletion and other security protection is built to avoid data leakage, tampering and destruction。
  • Network Security: Introduce host intrusion detection, firewall and other defense technologies to improve the active awareness and defense capabilities against cyberattacks.
  • Privacy Protection: Based on privacy function design, providing users with better privacy protection capabilities.