Data and cybersecurity for a reliable and compliant video system
Cybersecurity in the digital age
As more video security cameras connect to the Internet of Things (IoT), the role of video security is changing. Cameras are no longer part of a “closed” system, solely focused on gathering, recording, and viewing images. They are transitioning into intelligent sensors that collect significantly more data than video security images alone. And since video data is often highly critical and sensitive, every component of the video security infrastructure, including cameras, storage devices, network communication, Public Key Infrastructure (PKI), and video management software, needs to be addressed. The surge in data collection also increases the risk of cybercriminals looking to steal sensitive data.
Getting to future-proof and compliant solutions
Cybersecurity has consistently remained a top priority in the face of escalating digital threats and interconnectedness. Our approach aims to establish trust, safeguard data, manage user access, and enhance data security to uphold the most stringent reliability benchmarks. We understand that as connectivity and data collection evolve, so do the regulations surrounding their protection. These include, but are not limited to, the European Union’s Network and Information Security Directive (NIS2), and the Cyber Resilience Act (CRA).
Our commitment to continuous improvement is a cornerstone of our operations. We are committed to staying ahead of the curve and continually working to meet both current and future government compliance requirements in the video security industry. We are actively engaged in taking the necessary actions to ensure our products are in line with the standards defined by government purchasing and trade agreements organizations, including the National Defense Authorization Act (NDAA) and the Federal Acquisition Agreement onTrade Agreements (FAAR) in the United States.
Certifications
We provide comprehensive tools, documentation, and training to mitigate risks and safeguard our products and services. Our robust policies, processes, and third-party certifications ensure our security measures are always up to date. As a result of our sustained efforts, we have achieved critical cybersecurity certifications, indicating that we are doing the right things beyond the competition.
US government compliance regulations
We continually work to meet current and new government compliance requirements, and we aim for continuous improvements to our products through collaboration with our government customers. Many products offered are compliant with section 889 of the National Defense Authorization Act for Fiscal Year 2019 [Pub. L. 115-232] (NDAA 889) and the Trade Agreements Act (TAA).
10 leading measures to ensure data and cybersecurity
We embrace the highest standards when developing and manufacturing products, ensuring optimum data security and cyber resilience in every network-connected device. Since 2004, we have integrated crypto co-processors, certificates, closed operating systems, and signed firmware into all our products, including cameras, storage devices, and network communications – all to help you build a reliable and compliant system.
Embedded login firewall
- Focus on blocking threats, not functionality
- An intelligent login firewall you can count on
Secure Element
- We set the standard with the most future-proof Secure Element with Trusted Platform Module (TPM) functionality
- Supports 4096-bit keys
Password enforcement
- Security first: set a password, then connect
Minimum TLS 1.2
- Transport Layer Security (TLS): a cryptographic protocol that provides secure communication
- A minimum version of TLS provides maximum security
Simple Certificate Enrollment Protocol (SCEP)
- Simplifies cybersecurity at scale
- An easy way to deploy and manage certificates on cameras
Software sealing
- Changes to a sealed camera configuration will trigger an alarm
- Protects against unintentional or unauthorized changes
Encrypted firmware
- Verifies firmware authenticity and prevents malware insertion
Cloud firmware check
- Stay up-to-date at all times
- Checks Download store for new firmware automatically
Session timeout
- Manage how long a configuration session can be left unattended
Secure by default
- Security by default, closed until you say it is open
Maximize resilience
Users can rely on BVMS for maximum resilience with continuous live video and playback, no matter the interruption. The video management system keeps operations running even if both management and recording servers fail. BVMS uses Advanced Encryption Standard (AES), preventing unauthorized access to sensitive data. It also offers extensive user management to ensure only authorized users can access video data.
Your trusted partner for peace of mind
We deliver security solutions that are:
Predictive-ready, supporting data-driven decision and proactive responses to minimize risk
Secure, cyber-resilient, and compliant to maximize peace of mind in a connected world
Designed to perform, last, and be accessible no matter what, empowering you to focus on your business
Product security throughout the life cycle
| Security with supplier | Security engineering process | Vulnerability and incident management |
|---|---|---|
| Security with supplier We have high-quality requirements for purchased products. To ensure the security of purchased products, modules, and components, we evaluate each supplier concerning product security as an integral part of our purchasing process. | Security engineering process Whenever we develop a new product, we conduct a comprehensive threat and risk analysis and create an individual security concept for the product and its integration into a complete solution. We ensure product security with comprehensive security and penetration testing during the design phase and before release. Any updates, patches, or upgrades will undergo the same rigorous tests and only be deployed once they have proven secure. | Vulnerability and incident management Because requirements are constantly changing, 100% security is never guaranteed. Therefore, a structured vulnerability and incident management process is established to professionally manage potential product security vulnerabilities and incidents. Visit the Security Advisories webpage to get the latest information about identified security vulnerabilities and proposed solutions. In addition, we have established a global Product Security Incident Response Team (PSIRT) that is the central point of contact for external security researchers, partners, and customers to report product security concerns. |
Speak with an expert
Our experienced and trained technical support team can help you build and configure a secure and compliant system wherever you are.