SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Colocation
#
Cybersecurity
#
Data Protection
Taking organisations' physical security to the cloud
Wed, 27th Mar 2024
By George Moawad, Country Manager, ANZ, Genetec
Follow us

While many physical security departments were hesitant to consider cloud-connected solutions in the past, they now have a greater understanding of the benefits these solutions bring and how they can help organizations better utilize resources to achieve business goals while minimizing overall operational complexity. 

Most businesses desire a comprehensive and technologically advanced physical security system but may find the investment in an infrastructure to support today's modern IP systems more than they can afford and maintain. Servers, IT and security staff, wiring, software installations, and updates – it all adds up. 

One of the most financially burdensome aspects of any surveillance deployment is the purchase and maintenance of the servers required to host applications and store video surveillance archives. As organizations continue to expand surveillance efforts, their private data centers become more difficult to manage, maintain, and afford.

With video surveillance camera manufacturers developing higher-resolution cameras all the time, the need for more storage increases exponentially. This can take a toll on an infrastructure that's not equipped to accommodate these advances in technology. Increasing mandates by insurance providers, government agencies, or internal policies to keep video archives far beyond the common 30- to 90-day retention range are straining resources even more. With these considerations, more organizations have pressing concerns about planning and budgeting for the future operational needs of security systems and are turning to cloud technologies for answers.

Doing more with Cloud solutions  
Cloud solutions allow organizations to quickly deploy new business applications and get more value from their physical security investments. For instance, with cloud solutions businesses can easily extend system access to other departments such as human resources, marketing, shipping, and others to streamline operations and fulfill various business mandates. 

Businesses can also easily trial new cloud-based applications and build application cases for new technologies that could benefit the broader organization. This can include tracking occupancy counts to enhance safety, digitally sharing files in a more secure way, or streamlining the flow of visitors across a site. Since these cloud solutions require minimal upfront investment and deployment time, all of this can be done with little risk to the organization. 

Should these applications prove successful, subscription costs can be shared across departments. For the budget-conscious physical security department, this can help free up monetary resources for other pressing projects. 

How safe is the Cloud? 
Tier-one cloud providers have implemented far more stringent security measures for their infrastructures than most independent organizations could ever afford to do on their own. They offer the highest levels of physical security for their data centers since they have to comply with regulations such as SOC 2, ISO 27001, HIPAA, and PCI. Furthermore, IT tasks such as infrastructure maintenance and patching are done in a timely matter, ensuring the ongoing security of the services provided.

Software as a Service (SaaS) providers also implement mechanisms that help businesses quickly identify and manage risks. From encrypted communications and granular privacy controls to strong user authentications and system health monitoring tools, cloud-based solutions come with very robust cybersecurity and privacy features. These built-in functionalities help automate routine maintenance tasks, saving tremendous time and resources.

Of course, cloud service providers must do their part to ensure that the right security mechanisms are in place, such as encrypted communications, data protection capabilities, and strong user authentication and password protection. Not only do these tools help protect organizations against hackers and other internet-based attacks, but they ensure only those with defined privileges will be able to access or use resources, data, and applications. 

Moving to the Cloud at your own pace 
Having an entire security system running in the cloud is not the only option when considering cloud-based solutions. Organizations can extend the functionality of on-premises, server-based systems or create a bridge to the cloud to modernize their existing infrastructure by simply adding cloud-connected appliances, adding devices with cloud-based software and storage, implementing remote sites with cloud solutions, or running specific applications in the cloud.  

A hybrid solution allows organizations to keep on-premises servers for existing technologies and uses as well as add other security and business components or systems as needed. The sheer flexibility and scalability of the cloud simplifies expansions by accommodating many different objectives, uses, and durations. From a front-end perspective, nothing changes for the operator who can manage all components, whether cloud-based or hosted on-premises, from a central location within one platform interface.  

More private and public entities, for example, are turning to the cloud to freely extend storage or gain layers of redundancy with minimal economic impact. In this case, organizations can easily choose to keep longer-term video and data archives in the cloud, while storing short-term archives on local on-premises servers. Other organizations are realizing the value of cloud storage by using it to back up video and data archives. If anything happens to the physical servers, companies can rest assured that their most critical security information is safely stored in the cloud and is easily accessible on demand.  

Beyond cloud storage, public and private entities are expanding their operations with entire cloud-based applications to achieve central management and monitoring from one location. While every independent system can be server-based, the component that ties them all together and connects people across the globe remains a subscription-based cloud service. This minimizes the drain on existing resources and accommodates sites where the infrastructure might not be available to enable this level of collaboration. 

Expanding security and business applications is simplified with a hybrid cloud model. Generally, the hybrid cloud model allows organizations to gradually expand their existing server and storage infrastructure by leveraging the benefits of public data centers at their own pace.

Hybrid-Cloud deployment considerations
While there is no "typical" hybrid-cloud architecture, there are some common deployment implementations:

  • The first and perhaps most common deployment is likely to include an on-premises Video Management System (VMS) along with a simple cloud storage extension to support, for example, longer retention periods of video downsized to a lower definition. 
  • A second common deployment would include enterprise customers with a global footprint of geographically distributed operations. Here, the architecture might entail a network of cloud and local video management and storage appliances, services, and components as required. In this case, they may run a larger VMS deployment in their headquarters, which would be mostly on-premises, with many smaller, remote sites federated into the main site.
  • The third category could be applied to an organization of virtually any size that elects to run its VMS and associated video analytics within its on-premises infrastructure connected to a number of cloud applications to export and share video. This architecture would be typical for a municipal police department that needs to collaborate securely on video evidence between precincts and other law enforcement agencies. In this case, they may include local clouds managed by the larger organization. 

Determining which category or subcategory of hybrid architecture to deploy will always come down to the primary considerations of budget, mission criticality, bandwidth constraints, storage costs, and other business factors that may include in-house IT expertise. But thanks to the unprecedented flexibility of today's hybrid architectures, whatever the organization's particular needs are, there is a solution for everyone.

In conclusion
By incorporating a cloud-based or hybrid solution, organizations and businesses of any size can reduce investment in new hardware and easily scale computing and storage resources to facilitate physical security at locations across the globe. Ongoing IT network infrastructure expenses like purchasing servers, electricity, and cooling can be drastically reduced if not eliminated. A cloud-based system is easier to maintain, offers the most up-to-date features and functionality, and with the right protection, can be safer from cyberattacks. With a hybrid-cloud deployment, organizations can move at their own pace: they can pick and choose which installations would benefit from on-prem solutions versus those where cloud solutions might be a better fit. Either way, cloud solutions offer quicker access to the latest technology advancements, including many built-in cybersecurity and data privacy features. The best part is users won't notice a difference. All cloud and on-premises systems are accessible via the same unified security platform.

Related stories
Smarttech247 & SentinelOne launch AI-powered cybersecurity for SMEs
GitHub's 2FA initiative helps secure software supply chain
Jason Haddix joins Flare as Field Chief Information Security Officer
AI tools linked to data exposure in 1 in 5 UK organisations
Trend Micro introduces AI-driven cyber risk management features
Top stories
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity
Record ransomware attacks in March 2024, report finds