Safeguarding Your Physical Security Systems
Internet of Things devices, like security cameras and access control readers, are often overlooked as a source of vulnerability.
A little-discussed source of risk for credit unions is cyberattacks that target internet-connected components of physical security systems. Internet of Things devices, like security cameras and access control readers, are often overlooked as a source of vulnerability. It’s a common blind spot – and a potentially dangerous one.
Cyber threats are increasing for all businesses right now, but the financial industry is the number one target for cybercriminals. Analysts estimate that these institutions and other financial services providers are as much as 300 times more likely to be attacked than other industries. The consequences of such an attack are steep. A single breach of a database that exposes the data integrity of credit union members could cause irreparable harm.
IT and security teams should work together to ensure the cybersecurity of the system against threats. There’s no difference in the impact of a cybercriminal accessing a server room physically or through a cyberattack on a camera, HVAC equipment or an employee’s laptop.
Common Vulnerabilities
Any device connected to the internet has the potential to become a cybersecurity vulnerability. However, some devices have well-known flaws. They can open a gateway into your networks or insert malware or ransomware into a system.
For example, the National Defense Authorization Act has blacklisted some brands of surveillance cameras and digital video recorders (DVRs). Anyone doing business with the U.S. government is forbidden from adding products with known vulnerabilities. The devices are known to have the potential risk of being easily hijacked and used by bad actors, which can spread to other systems within the institution’s network.
An easy tip to reduce your exposure to cyber threats is to monitor these guidelines. Include them as clear policy directives in your credit union’s cybersecurity playbook. Even if you’re not doing business with the U.S. government, following their lead on cybersecurity protocols allows you to leverage advice on best practices from their experts.
Reputable physical security software companies maintain up-to-date lists of authorized partners that have been vetted for cybersecurity. Always choose devices manufactured by a reputable vendor endorsed by industry leaders with a strong track record of cybersecurity.
Protect Your Networks From Cyber Breaches
It’s a good practice for credit unions to audit their network security periodically. Verify that all devices are secure, properly installed and password protected. Organizations often add hardware over time, so an audit is useful to know your system, its components and your vendors.
In addition to auditing equipment, credit unions should review cybersecurity policies. Ensure all team members from tellers to senior leaders are aware of best practices to follow. This isn’t a one-time exercise. Cybersecurity threats are continually evolving, and credit unions must regularly review and update their strategies to stay ahead of cybercrime trends.
Many credit unions find that transitioning to a unified cloud or hybrid cloud system makes it easier to keep up to date with cybersecurity requirements. This is because the software vendor shoulders some of the responsibility for things like software updates and patches. Reputable security software companies will have dedicated cybersecurity resources to monitor threats, issue recommendations, update systems and support your team. They can help your team respond efficiently and effectively in the event of a breach.
For IT teams, moving to a single unified security platform makes it much easier to manage and upgrade hardware over time. Look for a system with end-to-end encryption and multi-factor authentication to ensure both cyber and physical security standards are met. Choose a vendor with the flexibility to work with on-premises or hybrid deployments. That way you can transition to the cloud at your own pace if desired.
Securing Your Security System
Modernizing your security system can be costly, and these decisions now involve more departments than ever before. Your system should offer more than a heightened view of security. It should increase efficiency and scalability across departments with a strong cybersecurity foundation.
When all your physical security devices are connected by one unified system, you get a better picture of the security of your entire system. Built-in dashboards make it easy to monitor firmware status and keep on top of cybersecurity housekeeping within one intuitive platform. You can combine video monitoring, access control, license plate recognition, intrusion detection, analytics and more into a single interface that helps report any vulnerabilities.
Your unified system can even streamline access rights management, managing access rights in one central platform. Automated security policies and scheduled compliance reviews lighten your security team’s workload while reducing the potential for security breaches caused by credential abuse. A unified software platform supports IT and security teams to ensure data is properly encrypted and accessible only to properly authenticated users.
Securing your organization today means more than locking doors and protecting perimeters. It also means choosing security systems that are developed with cybersecurity in mind from the ground up.
Hardening your security system against cyber threats isn’t a burden to carry alone. Cybersecurity is a shared responsibility. It is led by IT and security teams and supported by software vendors and hardware partners, with staff at every level contributing. By combining efforts, your credit union can have a strong cybersecurity posture to protect your operations, staff and members.
Scott Thomas National Director, Signature Brands Genetec Montreal, Quebec, Canada