"12 New Security Tactics to protect your monitoring system and your network..."
|Heighten security in your network|
with these 12 tactics...
If you've ever been the victim of copper theft, vandalism, or any type of intrusion, you know how important security is. Many organizations try to institute rules and procedures to combat these problems, but that just isn't enough if your equipment doesn't support these...
12 common-sense security features:
Most web-based communication is not encrypted. This generally isn't a problem, because there isn't much of a security threat if you're just reading online news. But when it comes to the web interface for your RTUs or alarm master, you've got important alarm data (and access to control relays) that you need to protect. This is especially true if you work at a governmental or other security-conscious organization. To secure your alarm monitoring web interfaces, both T/Mon and the NetGuardian 832A G5 platforms are available with HTTPS/SSL encryption.
- RADIUS authentication
Many companies already have a RADIUS server in their network. It's a great way to centrally administer user access rights and passwords. The NetGuardian 832A G5 already integrates with any standard RADIUS server, and this same technology is coming soon to T/Mon.
- IP Filtering
Sometimes a whitelist is better than a blacklist. With IP filtering, you can limit access to your monitoring system to specific IP address ranges. This can really cut down on your system's vulnerabilities.
- Modem dial-back
Simple technology can become very powerful when it's used in the right way. Devices that support modem dial-back can call you whenever they've been accessed. Under normal circumstances, you'll get a call only after you've made a change. If you get a call and you haven't been making a change, you know that someone else did.
- Granular user-level privileges
If you have to give "all or nothing" access to your system users, you're forced to create unnecessary security risks. It's much better to give your staff only as much access as they need to do their jobs. If an incident occurs, your list of internal suspects will be much shorter.
- Passing ISS scanners
DPS Telecom products are built on strong proprietary platforms, so they're inherently less vulnerable during standard intrusion tests like ISS scanners. To discuss our ISS test results, call DPS at 1-800-693-0351.
- Enforced "strong" passwords
If you let every member of your staff choose any password they like, you'll end up with lots of short, lowercase dictionary words. That's a brute-force hacker's dream scenario. With the T/Mon alarm master, you have the option to require a "strong" password (minimum length and mandatory character types).
- Forced entry deactivation
If you give someone enough time in front of a door's keypad, they'll eventually find a code that works. That's why good access control equipment, like the DPS Building Access System, will automatically "lock out" after a specified number of failed login attempts.
- Logging user activity
If an incident occurs, you need a log to refer to so you can identify what happened. T/Mon logs the user ID for alarm acknowledgements and similar activity. This is a great deterrent against unauthorized activity.
- Building access control If you need to accommodate surveillance cameras and building access as an integrated package, you can do that with T/Mon. The Building Access System is a full-featured electronic access control suite that leverages the investment you've already made in alarm monitoring equipment.
- Ability to assign unique ports for functions
Hackers often depend on your usage of standard ports for certain kinds of traffic. T/Mon allows you to select a custom port for various jobs, making you immune to many "mass" attacks that only infiltrate via the commonly used port.
- "Dark answer"
When an unauthorized user wants to gain access to your systems, they send various sorts of requests and measure the responses. If your system makes no reply, a hacker's job is much more difficult. With this feature activated, your DPS equipment will issue no apparent login prompt. Once you log in (because you know that the system is, in fact, listening for your username and password), the system responds normally.
To receive a price quote or ROI analysis...