Exclusive expert tips, customer stories and more.
Cybersecurity is undeniably one of the biggest challenges for modern video security systems. The increasing use of cloud technologies, AI and IoT strategies do not make the situation any easier. In the following blog post, we have addressed four key questions on the topic of "cyber-secure video surveillance" and discussed what measures are explicitly taken at Dallmeier to prevent "your camera calling home".
Even before the corresponding technical precautions, there is another aspect for us when it comes to cybersecurity: Our "Made in Germany" strategy means that we have an extremely high level of development and manufacturing depth. This enables us to ensure at every step of the process – from development to programming, manufacturing, external penetration tests, etc. – that the high demands of international standards (e.g., EU GDPR) and our customers are considered.
On a concrete technical level, we have one of the largest portfolios of precautions in the industry – from end-to-end encryption according to the highest standards to security gateway techniques, anti-hacking systems and corresponding authentication technologies (IEEE 802.1X).
In more and more customer meetings, the request for documentation of “Security and Privacy by Design” is among the first questions. We offer a comprehensive documentation as well as best practices guides and implementation guidelines that go well beyond pure features and rather provide a holistic point of view long before the actual implementation.
We have already implemented these guidelines. The background to this is that especially when changing the default password and updating the firmware depends solely on the initiative of the end user, these may often not be carried out carefully, exposing the devices to an increased risk. This is why users when commissioning a Dallmeier camera are forced to assign their own (strong) admin password and ID. Within our HEMISPHERE® software platform, the administrator can set up individual password policies, such as forced password changes after a certain time interval, or we enable full AD integration.
There are some certifications in place – such as the LGC Forensic – but it might certainly be useful to have further, vendor-neutral certification institutions. Specially to prevent abuse, as we still see with alleged "GDPR certifications", which are in no way official certificates, since the framework conditions for GDRP certifications have not even been ratified.
You would like to learn more about Dallmeier cybersecurity?