In video surveillance systems, video storage is a crucial component. In order to build a secure and reliable video surveillance system, video data needs to be stored securely. As the video surveillance market continues to grow, it becomes more tempting for malicious actors such as ransomware and hackers – making data security necessary for your business.
Without effective data protection in place, your video storage and network are at risk of getting hacked or ransomware attacks can reach into your video storage and maliciously encrypt or possibly delete all of the files on it. In this blog post we will discuss how to protect terabytes of video data with air-gapping and why that’s important.
Why do you need to protect your video surveillance storage system?
The video surveillance market is growing every day, and as the video storage systems become more advanced with features such as video analytics becoming increasingly popular. Hackers are also developing new ways to attack your system – which means you need a way to keep your data safe from attacks such as ransomware.
According to marketwatch, the video surveillance storage market was valued at USD 7.6 billion in 2019 and is expected to grow by 18% (2019 – 2026). The increasing investments in the video surveillance vector also makes it a tempting target for hackers and ransomware attacks.
In most cases, video surveillance system owners are expected to retain video data for months or even years. Depending on the industry and the company, if this video data is lost, corrupted, leaked, or otherwise compromised, it can lead to fines and compliance issues – in addition to reputation damage.
Data Protection Challenges for Video Surveillance Storage Solutions
Large Volumes of Data
Video surveillance cameras generate large volumes of data on an hourly basis. The size of the data generated by a surveillance system depends on a number of factors such as resolution, frame rate, mode of recording (continuous or event recording), codec and compression, and the number of surveillance cameras. The larger the data, the more challenging it gets to set up reliable data protection services for it.
It takes longer to back up and restore large data sets. Furthermore, if you’re looking to store a portion or all of this large data set into the cloud, then it consumes more bandwidth and network capacity – as a result, adding to the data storage cost.
Continuous Data Generation
Regardless of the mode of recording, continuous or event recording, surveillance cameras generate important data daily. This data needs to be protected at every stage throughout its lifecycle from creation to processing to storage. This implies that the surveillance network and the storage needs to be effectively protected – this can be challenging.
If there’s a vulnerability at any point of the data’s lifecycle, there’s a risk that hackers and ransomware attack can get to it.
Long-Term Data Retention
Storing important surveillance footage for months or even years is a challenging and often costly task in and of itself. Making sure that this data stays safe for as long as it’s retained, adds to the challenge and possibly the cost.
There are different ways to retain surveillance footage such as cloud archiving, maintaining tape arrays, or building a hybrid infrastructure with recent data on-premises and older data in the cloud. Each method comes with its own share of challenges.
For example, tape arrays provide better Return on Investment(s) than cloud archiving most of the time but they’re more difficult to secure than cloud storage repositories.
Secure Multiple Endpoints
Each camera in a surveillance system is an endpoint that needs to be secured – in addition to the network (LAN/WAN) used to transfer the data and the storage system used to retain it. It’s challenging to set up a comprehensive data protection system that is capable of securing all the endpoints and making sure that there are no vulnerabilities that hackers and ransomware can explore.
How to protect your video surveillance storage from hackers and ransomware attacks?
The task of setting data protection for video surveillance storage (VSS) solutions is not without its fair share of challenges.
Air-Gapping Makes Video Surveillance Data Ransomware-Proof
One possible solution is air-gapping which physically separates the video surveillance network from unsecured networks such as the internet and LANs. This can be achieved with VSS solutions that either feature hardware air-gapped nodes or software isolation – creating a secure vault for video surveillance storage.
Air-gapping allows you to protect video data stored on the VSS from hackers and other threats. An air-gap is created by physically separating your video data network with another isolated one – i.e., the internet or LANs. This ensures that hacking attempts can’t reach into your video surveillance storage and video data never leaves the secure network. As air-gapped repositories are isolated by default, the video surveillance data stored in them is also protected from ransomware because the malware cannot access it.
Backup and Disaster Recovery (DR) is Necessary
Without effective backup and DR, you’re at risk of losing your data to human error, accidental/malicious deletion, hardware/software failure, ransomware, and hackers.
Before setting up backup and DR, it’s important to understand the video data lifecycle and compliance requirements so that you can build an infrastructure that can deliver the appropriate Recovery Time and Point Objectives (RTPOs).
Depending on your requirement(s), you can set up backup and DR for your video surveillance solutions in the following ways:
- Turnkey backup and DR appliances with air-gapping, immutable storage, anti-ransomware, a reliable backup software, and restore features such as instant recovery, and granular file-level restore. A good example would be StoneFly DR365V Veeam-ready backup and DR solution.
- Backup software + cloud solution that provides air-gapping and immutability, anti-ransomware, and facilitates long-term archiving. Examples include Veeam cloud connect, StoneFly CDR365 with StoneFly storage in Azure, AWS, or StoneFly private cloud.
- Purpose-built air-gapped nodes with automated network and power management, immutability, and S3 object lockdown with a reliable backup software that offers comprehensive backup and restore capabilities. StoneFly DR365VIVA (Veeam-Immutable Veeam Air-Gapped) is the only purpose-built air-gapped node in the market currently.
Immutability Helps Compliance and Data Security
Immutable features such as file lockdown, S3 object lockdown, and Write-Once Read-Many (WORM) volumes are also a must-have capability. The data stored in immutable volumes cannot be edited, deleted, or overwritten for a user-defined period of time. As the surveillance videos stored in these volumes cannot be changed or erased, these volumes help security companies and government departments comply with regulations such as GDPR, CJIS, FedRAMP, and more.
It goes without saying that the surveillance footage stored in immutable volumes cannot be maliciously encrypted by ransomware.
Delta-Based Snapshots Facilitate RTPOs
Snapshots provide the ability to go back in time and restore data and previous system state. By scheduling snapshots regularly, you can minimize data loss. Snapshots consume less storage capacity – which makes it a good practice to keep redundant copies and store them on different storage media as part of backup strategies such as 3-2-1.
Delta-based snapshots are faster because after the first snapshot, they only take snapshots of the changed files and not the entire volume.
Recovery Time Objectives (RTOs) depend on the performance capabilities of the host hardware, the size of the data, and the network speed. The shorter the required RTOs, the more resources it’ll require.
In order to reduce the Recovery Point Objectives (RPOs), you can schedule snapshots more frequently for instance hourly, or after every 2 hours – depending on your preference. The frequent the snapshots, the more resources it’ll require – increasing the cost accordingly.
A surveillance system is only as effective, reliable and secure as its weakest link. That means that if you want to build a robust video surveillance network with long-term success, it’s essential not just to protect the cameras but also the video storage on which they record. And while there are many ways of doing so – from encryption to physical security – air-gapping is one of the most effective methods for securing your data without losing access in critical situations.
Contact us today to learn more about how we can help ensure your video surveillance systems are up and running 24 hours a day, 7 days a week!