Is it Safe to Store Your Business’s Security Footage in the Cloud?
published on June 22, 2017 by Jon Ecker
Typically – but there are important safety precautions to protect your data
Storing security footage for your business or school campus is an important consideration. Traditional analog security systems require the use of onsite digital video recorders (DVRs), centralized IP cameras utilize network video recorders (NVRs), whereas decentralized IP cameras can record to any standard data storage option. The footage is archived in a server. Depending on the size of a company, the server may be onsite or managed and stored by another company offsite.
The new trend is to store all data, including security footage, in the cloud. It’s a centralized storage system that is accessible from anywhere. If you have a personal computer, tablet, or smart phone you are probably already familiar with the cloud and use it to store data so you can access it from any of your devices. The concept is very similar when archiving and accessing security data. But while the convenience of using the cloud is undoubtedly exceptional, the question becomes … is it safe?
Someone else controls your data – Perhaps one risk to consider is that you are giving up control of your data to another company and storing it in a remote place. Also, cloud companies usually have multiple clients, which means they are storing data for all of them. If a disaster were to happen, would your security footage be lost or corrupted?
Not enough security measures taken – If you are trusting a third party to store footage and data, you might think you don’t have to take any other security measures. This is not true. You still must take all steps to protect sensitive data.
Having your data hacked – Hacking and stealing stored data is always a concern, especially these days. Cloud storage can be a vulnerable to hackers without proper safety and security measures.
The safeguards for storing security data in the cloud
If you choose to use the cloud, pick a well-known provider and ensure that the cloud storage company uses encryption, meaning data is converted into code or scrambled so that the information cannot be read, even if a system were to be hacked. Data must be encrypted while it’s being stored and “in transit” and ideally “at rest.” The only way to access the footage is by using encryption keys, or passwords, which are given only to designated, authorized people within the organization. Your company can choose to manage the encryption keys itself, so that the cloud provider does not even have access to them.
A second option is to have the cloud storage company split data into chunks. As described by the BBC, “The process is called sharding … these chunks are then separately encrypted and stored in different places, so if someone did manage to break in and decrypt the data, they would only get access to random blocks.”
Yet another option is to send only link to the files, rather than the files themselves. That way the content can be previewed without actually downloading it.
Finally, review your cloud provider’s physical security measures. For example, Microsoft goes to great lengths to enact both physical and data security measures that make their cloud facilities a very hard target. In addition, their data centers are spread at random locations throughout the world, further preventing specific data from specific businesses to be targeted by an on-site breach. Other high-profile providers have similar security.
Practical considerations of cloud storage and access
Beyond safety, the decision to store security data in the cloud should of course also depend on whether it will work as intended. The chief considerations when deciding on a provider and the infrastructure to support it are:
- Does your Internet Service Provider provide sufficient upload and download speeds to handle the data transit?
- What are the costs of storing the data and the limits from the cloud storage provider?
- Does your existing security system support cloud-based applications?
Each of these potential issues is addressable with the right third-party providers and the right security system.
So, how safe is the cloud?
You may still have questions about the safety of storing security footage in the cloud as opposed to storing it on your own server or an outside IT firm’s server. Consider this other item from the BBC: “Most of the major data breaches that have taken place over the last five years, from Sony to Ashley Madison, TalkTalk to Target, have been from internal, not cloud-based, databases.”
Still, there is a risk that the cloud provider could be the one to access files. That’s why it may be wise to consider having your business control and manage the encryption keys. Also, it will be up to you to ensure that only authorized people within the company have access to the keys that unlock data – and that you pick a well-resourced, reputable provider who has a lot to lose from a breach.
To learn more about security technology, including ways to keep your security data secure, contact POM Technologies today at 212.688.2767 or through our convenient online form for a free consultation.