Lanning illuminates simple cybersecurity step for integrators

WESTMINSTER, Colo.—Part of every integrator's cybersecurity strategy right now should be a very basic step, configuring 802.1x on exterior cameras, according to Andrew Lanning, co-founder of systems integration firm IST, which is based in Hawaii.

“It's a really simple way to increase the security of the solutions you're putting out there,” Lanning said. Configuring 802.1x will not prevent every breach, but it's an important part of a “layered defense,” he said.

Lanning led an educational session on May 6 at the PSA-TEC conference, which is taking place here this week. Called “Insider Edge: One integrator's path to a cyber-hardened solution,” Lanning's presentation centered on a protocol called 802.1x, which has been around for a long time, but is rarely used by integrators.

The protocol authenticates the device and is built into most cameras. It's free and it takes little time to configure, and yet almost no one uses it, Lanning said.

The only cost associated with configuring the protocol is a commercial-grade managed switch. It's a small expense, he said. Integrators should educate themselves and their technicians on 802.1x. Without it, “you leave yourself wide open to really simple hacks.”

Lanning suggested integrators consider the following questions: “If you sold a customer a device, did the configuration, changed the password, set the frame rate, but didn't configure 802.1x, have you done your job? And, if that customer is breached and you have not set up 802.1x, [will your installation] be defensible in court?”

“That's why I did it. I can sleep at night,” Lanning said.