A security system is designed to increase safety and protect people and goods. Because security systems are now connected to the company network, new risks have arisen. To prevent the security system itself from becoming a target for criminals, hardening is applied to these systems (servers and IP-based hardware).

Hardening is the process of disabling unnecessary functions and/or security risks and encrypting connections. This is to make it as difficult as possible for potential attackers to gain access to a system or to counteract intruders so that they can do little to no damage. And finally, if the attacker intercepts data, it must be made as difficult as possible for them to use this data.

The hardening measures that can be taken to achieve this are diverse. We will name a few:

  • deletion of unnecessary user accounts;
  • applying a sound password policy;
  • restricting access to the system based on IP addresses;
  • use encryption for the connections to and from the system;
  • special network settings, such as encryption and access protocols;
  • Implement an active policy with regard to software and firmware updates, with security patches being given high priority.

To get the most out of security systems, links are often made to other systems using an API/SDK. This form of openness provides a great deal of convenience because collaboration with other systems is possible, but it also requires the necessary attention from both the installer and the IT department. It is advisable to protect data with passwords and to systematically monitor manipulations from outside.

Measures within the ICT infrastructure

In addition to hardening the hardware and software, more general measures can also be taken within the IT infrastructure (to limit access for attackers). Where access to the internet is not necessary, it should not be made possible. The use of physically separated networks or VLANs is recommended here. If the systems do need to communicate with other systems, it is better to filter and check this communication with firewalls. It is also recommended to indicate in a so-called authorization matrix which users have which roles and associated rights, so that the risk of (accidental) improper use or manipulation of the data is limited to a minimum. Security systems can play a role in this, for example when two-factor authentication or the four-eyes principle are desired.

ICT department

Security systems are increasingly operating via IP and are therefore a potential target for (cyber)criminals. To minimize this risk, it is important to work closely with the IT department when implementing security systems. The security system is part of the IT infrastructure and therefore it is essential that the whole is assessed when it comes to security.