Issue link: https://resources.genetec.com/i/1480711
Cybersecurity checklist Best practices □ Have I trained my employees properly on cybersecurity best practices? □ Do I monitor and share intelligence about current cyber threats and trends in the industry and encourage collaboration on preventative actions and responses? □ Do I have an up-to-date inventory of all physical security and IoT assets? Data protection □ Is the multimedia data stored in my system protected? □ Is the multimedia data protected when exchanged in my system? □ Is the command-and-control data protected? □ Have I implemented end-to-end encryption? □ How are my encryption keys managed? □ Am I leveraging all available built-in mechanisms to ensure data integrity and prevent unauthorized modifications or tampering? Authentication and authorization □ Am I managing passwords correctly? □ Did I establish a policy and process for credentials lifecycle management? □ Have I changed all default usernames and passwords? □ Am I using strong passwords to access my security system and every connected device? □ Have I implemented multiple forms of authentication to prevent unauthorized access? □ Have I implemented a multilayer strategy that includes multifactor authentication and defined user authorizations to strengthen the security of users' access to the systems? □ Do I centralize identity management for all my security systems as much as possible? □ Do I have any protection in place against password brute force attacks? □ Have I set up my user groups correctly and assigned permissions to the right people? □ Are we using tools that support role-based access management? □ Do I have any protection to restrict user access after prolonged inactivity? □ Do authorized users only have access to what they need? □ Are we applying the principle of least privilege in granting access? Ready to deploy your new physical security system? Follow this checklist to stay on track with your upgrade or installation, mitigate risks, and ensure a smooth deployment. Deployment checklist Device security □ Are my video, access control, license plate recognition hardware and other physical security devices secured? □ Do I maintain detailed information about each physical security device, e.g. manufacturer, and firmware version? □ Do I have an up-to-date inventory of all devices connected to the network? □ Do I have a plan for the replacement of unsecured devices? □ Do I know how to identify and use the various encryption and cybersecurity capabilities supported on each device or firmware version? □ Have I confirmed that my video and access control software is up to date along with the devices and servers used for storing data and hosting monitoring consoles? □ What is my strategy to patch my device firmware promptly?