Home Infrastructure Security and the Cloud

Security and the Cloud

by Benchmark

The Cloud has certainly become a significant part of the consumer technology sector, and many people embrace what it has to offer. It is increasingly becoming an important part of many business functions, and also introduces SaaS (software as a service) to the commercial landscape. However, it still creates much debate in the security industry, with opinion divided as to whether it offers value and how it can be best deployed.

[dropcap]T[/dropcap]he Cloud has become a significant part of many peoples’ lives. Whether used to share photographs, store data or back-up smartphones and mobile devices, the Cloud has become a significant part of the technology landscape for consumers. Indeed, most of us use Cloud services everyday without even thinking about it.

The Cloud is not just a tool for the consumer market. In business, a growing number of companies store data off-site, and the growth in data farms serves to underline the popularity of this approach. An addition is the proliferation of SaaS (software as a service) applications. It is no longer a requirement for companies to purchase, install and manage licensing of software. Instead, they can simply subscribe to services which run software in the Cloud.

However, when it comes to security applications, opinions are very much divided. The divisions are not just over whether the Cloud represents a secure and viable platform for security applications. Even those who believe that it does are often split over how the technology should be deployed.

One of the main concerns is related to security. Those who support the Cloud often cite on-line banking as an illustration of how secure the Cloud is. Those who oppose the Cloud point out that people wouldn’t be so happy to use on-line banking if it was actual money that was being squirted down the line rather than transactional data.

Continuity is another issue. Often if a Cloud service is ‘lost’, the user is powerless to take action. At least with an on-site solution they can immediately initiate remedial steps to restore their system. Competent security requires consistency, and if full redundancy is required to ensure this, then the Cloud suddenly seems to be an expensive option.

On the positive side, the Cloud can allow additional services. Whilst security data can be retained on-site, the Cloud does allow reports to be shared. This makes it ideal for solutions where business intelligence is deployed, allowing users access to data but not to the core system.

The Cloud and Access Control
Alistair Enser, Global Sales Director, Vanderbilt Industries
VSaaS and the Cloud continue to have a huge impact on the security industry. According to the BSIA there are now more than 5.9 million CCTV cameras in the UK, which is an awful lot of data, so allowing companies to manage and archive surveillance video footage via cloud storage is, for many, a highly attractive option. By storing this information in the Cloud at a remote and secure data centre, it can be streamed to any device – whether smartphone, tablet or PC – on demand.

A study published by Transparency Market Research predicts huge growth prospects for the VSaaS market in the near future. It states that the global market will develop at a healthy 18.1 per cent compound annual growth rate (CAGR) between 2014 and 2020, rising from a valuation of $14.98bn in 2013 to $48.32bn by 2020. Interestingly, the market segment of IP-based video surveillance is expected to grow at a 23.3 per cent CAGR over the report’s forecast period. The need for surveillance cameras with efficient video quality is expected to be the key factor fuelling the growth prospects of this sector, increasing bandwidth demands and the need for suitable places to store this information.

The popularity of Cloud based video analytics is also closely linked with the growth in VSaaS. Allowing aggregation, analysis and presentation of data acquired from video surveillance systems through an Internet browser interface, data can be analysed and presented in statistical reports and graphs. This makes information regarding people and vehicle movement, occupancy and activity readily available.

There’s little doubt that in the right application, VSaaS has lots of potential. However, just because the video surveillance and access control share a similar platform and position within the security industry, it doesn’t necessarily follow that it will have the same impact. Put simply, the drivers for using VSaaS are fundamentally different from those of access control and the Cloud simply doesn’t have the same benefits for both.

It’s not difficult to understand why some organisations opt for VSaaS. It provides an opportunity to replace up-front capital infrastructure expenses with low variable costs that scale with a project. The Cloud means not having to plan and procure other IT infrastructure in advance, therefore saving even more time and expense. Just as importantly, when it comes to managing and monitoring, instead of having numerous displays in dedicated control rooms, this can be achieved anywhere, anytime, using whatever device comes to hand. It also addresses the bandwidth issues associated with video quality, colour, resolution and compression.

These are all issues that are important in terms of video surveillance but matter less to access control, which is based on real time, localised events normally handled within a controller and not necessarily on a server.

Benefits for Cloud use in terms of access control are therefore less clear, but can include the ability to store and share usage data and transactions in large systems, provide ‘instantaneous’ upgrades for cross site systems or even simplicity of rollout in small systems.

Then there’s the important issue of safety within a building. If a video surveillance system goes offline, apart from the obvious inconvenience of having to contact the VSaaS provider, and providing it can be fixed quickly, there’s no immediate danger to people, property or assets. Contrast this with a Cloud-based access control system: if it goes down and cannot be brought back online locally, then access events will be limited. The greater the number of decisions made in the Cloud, the higher the risk.

For example, a fully Cloud based system could potentially mean people would not be able to enter or exit a building, or move between different areas. Conversely a system that works offline would require local controllers, which then reduces the financial benefits of being Cloud based.

None of this is to say that as technology evolves, there won’t be ways in which the Cloud can be successfully integrated as part of an access control or wider system, for example in fully integrated enterprise systems, applications where a fast or even temporary rollout is required or where there is a low security or health and safety risk. However, at present, for most applications, making access control decisions locally makes far more sense.

The Cloud and Intruder Detection
Clym Brown, Marketing Director, Texecom
Security alarm system manufacturers have been adding self-monitoring and Cloud functionality into their systems over the past few years, but with the proliferation of portable smart devices and the continual hype surrounding the Internet of Things (IoT), modern security systems are increasing the level of connected features to keep pace with user demand.

Whilst not designed to replace professionally monitored security solutions, there is a strong appeal for users and facilities managers to have greater interactivity and self-monitoring control over their premises, without the need for an externally managed service.

Common system functions include Cloud-based access to IP enabled cameras, system notifications and smart automation systems for controlling heating and lighting.

Cloud-based services offer, in theory, clear advantages for connected security systems. Transferring data to the Cloud can reduce the cost and complexity of products installed at the premises, as the Cloud hosts data and manages information remotely.

The services also offer increased connectivity, with smartphone apps being able to connect to multiple systems simultaneously and retrieve almost limitless amounts of historical data.

System upgrades can also benefit from Cloud-based solutions. This is because once an upgrade is made to a Cloud-based solution, it then will automatically upgrade and future-proof all the other systems connected to it. Having system data, control and functionality based in a remote Cloud-based system offers potentially profound benefits.

The key question at this important moment is whether Cloud-based services enhance or hinder security?
It should go without saying that Cloud services offered by security alarm professionals will be safe and secure.

Users have an inherent ‘trust’ in their security providers, and it is vital that any interaction with professional security equipment lives up to these expectations.

Data security, encryption, immunity from hacking; these are all specialist areas that require specialist knowledge which may reside outside the traditional electronic security manufacturers’­ skill set.

A recent study in the US by Hewlett-Packard of ten mainstream connected security systems uncovered significant data security failings. HP identified various areas of weakness on the systems tested, including insufficient authentication and authorisation, lack of transport encryption, unsecure cloud interfaces, unsecure mobile interfaces, unsecure software and firmware and concerns over the private and sensitive data that these systems collected.

Providing internet-enabled devices and services is possible without investing in high security protocols, which can be tempting for some when targeting a first-to-market competitive advantage. Cloud-based services in particular are relatively easy to offer if security and data protection are not the core concerns.

However, for professional security services, integrity is imperative. High quality professional providers should invest heavily in ensuring the highest levels of data protection.

Thankfully, there are professional-quality systems available that offer self-monitoring functionality and smart-connected interactivity without compromising on data security or the integrity of the system. When evaluating systems, the question of data security is now as important as the added value of the smart-connected services on offer.

Manufacturers that can adequately answer the security concerns raised by the likes of HP will be the ones that can offer a considered, robust and secure remote communications solution.

The electronic security market is evolving to provide an increased level of user interaction through smart, connected systems. Securing electronic data, as well as the physical premises, will be one of the greatest challenges.

The Cloud and Data Management
Dror Irani, President & CEO, BriefCam
The main advantage of SaaS (software as a service) and Cloud connectivity is that it is ubiquitous: available anywhere, anytime. Plus, because of economies of scale and a wide pool of user feedback, SaaS and the Cloud are continually improving, adding new features and launching new applications to create an ever-richer environment.

When it comes to VSaaS (video software as a service), the difference is between on-premise services and VSaaS/Cloud-based services. Until recently, the latter options were not an economically viable option. Today, however, video clouds are affordable and enable service providers to easily add value-added services.

The advantage to VSaaS/Cloud is shared resources and, in fact, most large enterprises have already adopted a cloud approach to video surveillance by establishing private clouds or hybrid local network/cloud infrastructures.

For its part, this year BriefCam launched a cloud-based processing service, providing mobile video synopsis for rapid video review, search and analysis. Users can review hours of recordings in minutes from their home or business on their laptop, PC or mobile device.

The advantages for providing this functionality in a VSaaS/Cloud-based format are numerous: storage in the cloud is far less expensive, on-demand downloading is faster, watching only what one needs makes review more efficient, and users have access to data from a variety of device platforms while they’re on the go.

In an industry where the total amount of video review is under 1 per cent, it makes sense to share storage and processing power. In doing so, this can also increase the amount of video that is reviewed to the customer’s benefit.

This is particularly relevant for consumers and small- to medium-sized business, who represent the initial target audience for VSaaS/Cloud-based services. These are customers who want to watch their cameras remotely, get a quick recap of the day’s events, and carry on with their daily business.

The Cloud and Integration
Adam Stroud, CEO, Paxton Group
The growing popularity of cloud hosting, web technology, internet connectivity and the demand for added value have contributed to the rise of centrally managed security systems such as VSaaS (video surveillance as a service) and Cloud services.

The use of these services allows for the straightforward delivery of an integrated solution, with the installer simply plugging in a system on site and configuration taking place at a central location, offsite. This allows for easy access, as only a web browser and the appropriate authorisation to login and view data is required.

The monitoring of data is made more productive by the sharing of information between systems. Issues can be identified and verified quickly as alerts are sent when an event takes place to prompt the viewing of footage. GSM technology also helps facilitate reliable, simple delivery, as users in remote locations are able to connect to this service rather than relying on internet access.

It is important to recognise that VSaaS and Cloud aren’t appropriate for every installation. As with the introduction of any new system, there are concerns that need to be addressed before companies are willing to adopt these services.

The prime concerns for many users are confidentiality, data security, system management and the ongoing cost of the service.

Whilst VSaas and Cloud services are suitable for large organisations with numerous offices, for companies within the mid-market it makes more sense to manage their security system in house, in their own server room and under their strict control.

The Cloud and PSIM
Steven Smith, Managing Director, ISM
The majority of clients accept that access control data collection has always been centralised, with a main server that could reside anywhere, either in the same country or abroad, and this tends not to concern them since access is a critical function. Scrutinised processes have been put in place to protect the integrity of an end-to-end solution; after all, the data collected concerns information regarding access rights to buildings, sensitive areas and even high value vaults. As a result of this, the police, Government and financial institutions accept that protected data can be safely transmitted across a local network or internationally.

With the massive growth in broadband and network availability, and a better understanding of Virtual Private Networks (VPNs) and security firewalls, it is concerning that CCTV is, generally, not stored in the same way. After all, information containing images is sure to be less sensitive than information containing access to buildings.

Certainly from our perspective this is the future, and will be upon us as quickly as IP-based systems become mainstream within the CCTV marketplace.

The idea that PSIM can be centralised and operate within the Cloud is technically possible. However, is there any point in actually doing this? Most of our competitors would say it is advisable, but from our perspective this would negate some of the most important factors in using the technology, as well as driving down system efficiency and increasing the overall cost.

Fundamentally, the architecture is different as Cloud-based systems deal with edge devices and storage rather than the centralised brain and front-end control required for operators of PSIM systems.

PSIM technology should be specifically developed to cope with both centralised and dispersed topology, utilising pier-to-pier architecture to act as its own ‘Cloud’. This means information is not stored at a central location or data centre. From our previous experience we know these can be located anywhere (and often the user might not know exactly where the server is located) and the situation becomes highly difficult if a fault requiring access to the main server arises.

To counter this issue, pier-to-pier networking architecture should allow for a local connection with failover to other computers, providing a highly reliable and stable system infrastructure. Therefore, by avoiding the necessity to use wholly Cloud- and server-based technology, we can ensure a lower risk for our clients. Further to this, operators do not like working on browser-based platforms as they find them too confusing and not intuitive. This is critical; if a system is too complicated it will not be used and only easy-to-operate front-end systems answer that specific issue.

Of course, clients can run PSIM solely from a central data centre, but operators would still require a PC to access the information necessary for implementing such a system in the first place. Instead, it would be far easier and more cost-efficient to integrate systems locally and connect centrally, negating the need for PSIM systems to rely directly on servers. PC specification is another consistently-made error, and worryingly one that many do not consider, focusing on initial rather than lifecycle costs.

The specification of operating PCs to use any system is important; they must be constant-rated otherwise could incur high levels of failure. Standard computers are not designed or rated to run 24/7 on load, so it is important that the client purchases industrial rated computers – and although more expensive, this is cost effective in the long run.

Operator ease of use is another critical factor. Operators do not like web-based applications based on my experience delivering integrated management systems since 1991. For example, we have taken note from the games industry who, for good reason, have not used a server or Cloud-based system to store their data, instead relying on a partially localised system that provides easily accessible results. This is one of the main reasons why any company should look at employing gaming developers.

I have my doubts that PSIM will ever become fully Cloud-based, but what is clear is that Cloud-based systems and VSaaS will follow a trend that is already occurring in conventional systems, However, it will connect to VSaaS and Cloud services whilst retaining localised needs and, more importantly, enable a positive effect on the growth of PSIM solutions.

The Cloud and the ‘Lifestyle’ Market
Guy Dodd, Sales Director, Pyronix
SaaS and Cloud-based services are playing a major role in creating alarm systems that target the ‘lifestyle’ market, as these platforms add a new lease of life and a host of possibilities for a mature intruder alarm market.

This provides the basis for complete and interconnected systems, with additions of video and potential automation options. Such an evolution can alter the perception that an intruder alarm is a grudge purchase into one that makes the system functional, engaging and proactively sought after.

The technology allows products that deliver a highly secure system that users can monitor and control on the go, while at the same time checking on elderly relatives, managing alarm events or ensuring children have arrived home from school. With the Cloud, a smart device can act as a remote keypad, allowing users to access the system and remotely monitor property.

As home and business owners become more tech-savvy, the functionality of the security system is becoming part of what is demanded in the marketplace. As this trend continues, so does the need for smart technology to be utilised in a security system.

This connectivity can also deliver secure remote access, panel diagnostics and more from a smartphone connected to the Cloud. As we begin to delve into the inclusion of SaaS and Cloud-based services, we compete with companies from other sectors, such as media, automation, telco and utility providers.

While the offerings of established intruder alarm companies are manufactured to stringent European security standards, others are not and provide SaaS and Cloud but with second-rate security. Only professional solutions with additional lifestyle offerings will deliver all-round packages to offer connected solutions that are secure and engage with the ‘lifestyle’ market.

SaaS and Cloud-based services provide financial benefits for installers by improving efficiency with remote maintenance and management of the system. In turn, this allows the generation of recurring revenue. Installers gain new products and innovations with which to differentiate themselves. SaaS and Cloud-based services add considerable value both functionally and financially for end users and installers alike.

The Cloud and Add-On Video Services
Jeff Blair, CEO, The Hawkeye Effect
The core tenets of VSaaS/Cloud provide a central repository for video and other data. This would offer a third party ‘add-on’ a near perfect environment: access to all of the critical data in one place. In certain situations, a single instance of an analytic could interpret aggregated video from multiple far-flung facilities, all within a centrally-managed redundant environment ostensibly furnished with more computing power than available at any single facility.

Of course, almost everything looks near-perfect when reduced to basic tenets. While it is easy to point out the tremendous benefits in applying a single tool to a large collection of information, the devil is in the detail.

For example, in order to provide a single, central repository, the video data has to get there. This means that the video is reliant, at some point, upon an internet connection. If the ‘add-on’ then directs any action at the local site, it is reliant upon the same connection.

It is not enough to assume that the video flows up seamlessly and that directives flow back down in the same manner. At best, VSaaS/Cloud adds another layer between analysing and interpreting video and the response to that analysis. At worst, it introduces roadblocks for data flowing up and down; issues that are not present on a local network.

Like every breakthrough, VSaaS and the Cloud can offer advantages for third party add-ons in certain situations. It is up to each organisation to weigh the benefits and risks. Philosophically, if we are all in the business of protecting physical spaces, how appropriate is it to introduce time and distance between these spaces and the interpretation of, or response to, the events that occur there?

Related Articles