printer friendly version

The reality of the cloud

One unmistakable take-away from this year’s CCTV Handbook is that the cloud is the new frontier for surveillance operations. It’s not new or revolutionary, but we are seeing more solutions that don’t have cloud services as a backup or storage option, but focus almost entirely on services in the cloud.

There are many benefits to the cloud, but there are also challenges. In South Africa, many say that cloud surveillance solutions are good for small installations, five to 10 cameras, maybe 15, but not for large systems due to bandwidth considerations (despite the availability of fibre in major cities). The question for the companies looking at a ‘cloud-first’ solution is whether these limitations are real and if so, how do they overcome them?

Brendon Hall, director of IoT Revolution Technologies (IoTRT), says that in today’s digital age, connected cloud-based services have become part of the everyday fabric of society. “Such is their integration that we often don’t realise we’re using an AI-enabled device or service that sends and receives information from data centres thousands of miles away in the blink of an eye.”

He adds that cloud migration has further been expedited by the 2020 pandemic, with millions of people worldwide working from home. “The adoption is not just a reality, but a tipping point for the security industry as those security companies that don’t embrace this evolving technology will end up like well-known names such as ‘Blockbuster’, killed by cloud services like Netflix.”

How one adopts or integrates the cloud into your services or surveillance solution depends on the technology you deploy. In Hall’s opinion, a hybrid cloud solution is the future since hybrid cloud is flexible for both small and large installations.

“Hybrid cloud allows your customer to evolve out of the hardware business and its associated costs.”

He provides the example of a large retailer that has 650 stores throughout South Africa. Each store will have an NVR and storage in diverse geographical areas. The challenge is real and deployment of support and spares across this vast area, costing time and travel, only escalates. Hall asks, “What if there was no NVR and all the storage resides on the cameras’ on-board SSD that can store video from 15 days to 365 days? No servers, NVRs or VMS on site to go wrong and no equipment room? All that is required is a network, a UPS and ‘very light’ connectivity.”

If the client has connectivity, a full copy of the footage is stored in the VsaaS (Video Surveillance-as-a Service) cloud. The head office has direct access to all the footage either directly off the camera or in the cloud. To add cameras requires no additional hardware or concerns if the NVR accommodated growth.

This example directly affects the retailer in a number of ways, equating to more floor retail space, less components to fail, always having the latest software features and the latest analytics, lower operating expenses and a number of other features and benefits.

“I recently completed a TCO for a large installation and my findings were eye watering,” Hall continues. “For a large deployment, it is even more compelling when looking at a total cost of ownership (TCO) covering a mid- to long-term period investment.

Real numbers

“A real case study would be a shopping centre project with 620 cameras which were supplied in 2013. This project required eight servers, associated NAS boxes and ICT equipment to process this number of devices (cameras). As with all ageing ICT equipment, they had to replace their entire storage component in 2018.

“IoTRT is aware that the same centre will be replacing the VMS, storage and subsequent ICT equipment again in the middle of this year, once again spending and remaining in the data centre space. Did the customer and their financiers ever have a true TCO discussion?”

Table 1 offers a glimpse of some of the TCO for this retail project.

Table 1.

Considering Table 1, the customer is getting into the data centre and hardware space to run its video system. Halls says that if they disclosed these 10-year TCO costs, either somebody would be fired or the system never deployed.

“In a cloud- based deployment, the centre could simply install the 620 cameras connected to a network with backup UPSs, supplied with a 10-year warranty on the cameras. No servers, no storage, no VMS or other associated expenses. The camera is simply licenced to the VsaaS with an annual subscription that can be procured as a 1-year, 3-year, 5-year or even 10-year subscription. No other licences and all the cameras are constantly updated with the latest available analytics, firmware and security patches from the secure cloud.

“Disconnection from the cloud due to an Internet issue is no problem as the system will work on a standard LAN environment and once the connection is restored, all latest software, firmware and related services pushed to each camera.”

The cybersecurity question

Cybersecurity is always an issue, highlighted by the recent events with a number of cloud service providers. In the cloud surveillance arena, for example, Verkada’s data breach springs to mind (IoTRT represents Verkada).

Some could say that in a properly configured cloud service, the user has control through encryption and multi-factor authentication. Of course, these safeguards need to be enabled and used and employees need to understand why passwords, keys etc. need to be kept confidential.

Hall puts the Verkada breach into perspective. He states that no camera was hacked. When looking at Bitcoin, also in the news these days, he explains that the fact is that if you lose your master password, you lose your Bitcoin investment.

He says Verkada tried to avoid this type of situation and developed what they call a ‘super’ password programme so that in the event the customer forgets all their login details, they can request Verkada to restore their system. To keep this secure, the installer should have activated the ‘two-stage authentication’ when requesting assistance from Verkada.

Verkada then sends an encrypted email requesting permission to access the site. “These ‘super’ passwords were made available to certain technical resources or staff who, for some unknown (possibly malicious) reason, published them. This further highlights the risks around personal social engineering and the development of a published cybersecurity policy with the correct checks and balances in place.

It further begs the question why the checks and balances weren’t put in place by the companies (end users) and their system integrators?

“For the record,” Hall states, “those clients without the checks and balances of two-stage authentication had their cameras exposed. Verkada acknowledged the breach and took accountability.”

The point he makes is that cybersecurity is not simply the responsibility of one party. It is up to the industry as a whole (including end-users) to activate all the security features available to avoid this type of situation (Read more about the Verkada incident at https://www.verkada.com/uk/security-update/).

‘Hostage-as-a-service’

One of the biggest challenges some cloud providers face today is what is becoming known as ‘hostage-as-a-service’. In other words, all your eggs are in one basket and the service provider has locked you in to their systems and solutions.

Questions of how companies can retain full ownership and do whatever they want with their video data if it is all in the hands of a service provider abound and this includes the possible need to take your data and move it in-house or to another provider. Moreover, while some cloud surveillance operators can accommodate various cameras in their solution, some provide the whole solution, including restricting users to using the provider’s cameras.

Hall says this is a contentious issue that is only found in security companies. He asks the question: “Do you send confidential email with Microsoft 365? 365 is cloud-based, the same as cloud surveillance. Can a customer migrate easily to another vendor without procuring more software? No.

“The current principles around security surveillance and the ‘old guard’, to be frank, are archaic. Would you migrate away from Microsoft? To embrace technology, you have to pick your vendor. When engaging with ICT infrastructure companies nationally and internationally, they embrace vendor loyalty and lock-in like all the other as-a-service products.”

The differentiator

Expanding on the cloud services IoTRT offers, Hall starts mentioning a few facts that should be considered by those considering cloud or other services.

• Cameras generate more than 2500 petabytes of data daily.

• Africa will get 700 new data centres in the next 10 years. This will bring scales of economy to a critical mass we cannot yet comprehend.

• One billion surveillance cameras will be watching around the world in 2021.

• 2,5 quintillion bytes (about 2,5 million terabytes) of data are created every single day, by 2025 the amount of data generated each day is expected to reach 463 exabytes globally (roughly 463 million terabytes).

“Our business model is to ‘get the end user out of the hardware business’ and the security industry into the annuity business,” states Hall. To accomplish this, the company offers the following services:

• Control Room-as-a-Service (CRaaS).

• Platform-as-a-Service (PaaS).

• Infrastructure-as-a-Service (IaaS).

• Analytics-as-a-Service (AaaS).

• No fixed licensing costs.

• No fixed analytics to a device.

• No heavy maintenance costs.

• No upgrade costs to keep up with technology.

• Large cloud-based AI computing power in our locally hosted data centre (at Teraco) with full disaster recovery.

• Affordable cloud-based storage solution.

• Opex models that suit the end user and system integrator (SI).

• No expensive HVAC costs.

• Annuity model for the entire ‘food chain’.

(To delve deeper into the below, Hi-Tech Security Solutions spoke to Hall and wrote more about IoTRT’s offerings, which you can find on page http://www.securitysa.com/13472r).

Share this article:

Further reading: