Scribd Logo
Upload

Welcome to Scribd!

  • Advisory 66

    Uploaded by

    Kalimullah Khan
    12 views3 pages
    Cyber Security

    Original Title

    Advisory-66

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Cyber Security

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    12 views3 pages

    Advisory 66

    Uploaded by

    Kalimullah Khan
    Cyber Security

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    5
    GOVERNMENT OF PAKISTAN
    CABINET SECRETARIAT
    CABINET DIVISION
    (NTISB)
    No. 1-5/2003/24(NTISB-II) Islamabad, the 4th December, 2023 .

    Subject: - Cyber Security Advisory - CCTV Camera Safe Usage Guidelines


    (Advisory No. 66)
    Introduction. CCTV camera usage has become indispensable in offices
    and residential areas. However, where it offers ease of use/remote view from anywhere'
    around the world (via internet), CCTV cameras are at the same time a cyber and physical
    security risk. A few recommendations on safe usage of CCTV network are appended
    below for adherence.

    2 Recommendations. Following are cyber security best practices/safety


    guidelines for CCTV administrators and end users:

    CCTV Administrators

    (1) Avoid Unnecessary Remote View. Do not provide CCTV


    remote view access unnecessarily. In case, remote access is
    M (IR-0;n1
    NI (1R-11 necessary, ensure strong passwords, device MAC filtering etc. on
    NI :,(zo,-Or.cl

    r1.11,,dm•7971!
    devices being used for remote access and remote access portal.
    fill Ili) ---
    M 1AiO
    Access Control. Limit access of CCTV camera system to only
    IVI itr, c:10

    authorized administrators. Implement strong authentication


    Ni
    :I 5ccv(H”v.Cliv.) V' mechanisms and follow the principle of least privilege.
    / SPS 1

    Regular Auditing. Conduct regular audits of user access logs,


    EN 2_1 camera configurations and system settings. This helps in
    -tt'
    E ti identification and addressing potential security vulnerabilities/
    g
    suspicious activities.
    c,
    Network Segmentation. Isolate the CCTV camera network from
    Cr Li
    ;--: other critical networks to minimize risk of lateral movement by
    potential attackers.
    r-t--
    (5) Firm wares and Software Updates. Keep camera firmware and
    software up to date to patch known vulnerabilities. Regularly check
    co cm
    =1.1.1 for updates from manufacturers and apply them promptly.
    1-2

    CU TT
    .
    01J
    CC 0
    ort a> =
    u_ cr CD

    Incident Response Plan. Develop and regularly update an incident'


    response plan specific to the CCTV camera system. This ensures' a
    swift and effective response to security incidents.

    (7) Encryption. Enable encryption for both data in transit and data at
    rest. This adds an additional layer of protection against unauthorized
    access.

    Monitoring and Alerts. Implement continuous monitoring for the


    CCTV system and set up alerts for any suspicious activities. Early
    detection can help to prevent or mitigate potential security threats.

    (9) Vendor Guidelines. Adhere to security guidelines provided by


    camera manufacturers. Stay informed about any security advisories
    or patches released by vendors.

    b. CCTV End Users

    User Training. Educate end-users about the proper use of


    CCTV cameras and the potential security risks associated with them. ,
    Encourage the use of strong passwords and secure authentication
    practices e.g. OTP remote view.

    Privacy Awareness. Make end-users aware of privacy


    considerations related to CCTV cameras. Avoid placing cameras in
    sensitive areas and ensure that they are used responsibly.

    Secure Passwords. If end-users have access to camera


    settings, ensure that they use strong, unique passwords. Discourage
    the sharing of passwords and emphasize the importance of
    password hygiene.

    Reporting Suspicious Activity. Encourage end-users to report


    any suspicious or unusual activities related to the CCTV system
    promptly. This helps in the early detection of potential security
    incidents.

    Physical Security. If end-users have physical access to cameras,


    stress the importance of maintaining the physical security of the

    devices. Tampering with cameras could compromise the entire


    surveillance system.

    Privacy Filters. Consider implementing privacy filters or controls


    to limit the exposure of certain areas, addressing concerns about
    unintentional or intrusive monitoring.

    Compliance with Policies. Ensure that end-users are aware


    of and comply with organizational policies related to CCTV camera
    usage and cybersecurity practices.

    3.
    Kindly disseminate the above information to all concerned in your
    organizations, all attached/affiliated departments and ensure necessary
    protective measures.

    (Muh Usman Tang)


    Assistant S retary (NTISB-II)
    Ph# 1-9204560
    All Secretaries of Ministries/Divisions of the Federal Government and Chief
    Secretaries of the Provincial Governments

    Copy to:

    Principal Secretary to the PM, Prime Minister's Secretariat, Islamabad


    Secretary to the President, Aiwan-e-Sadar, Islamabad
    Cabinet Secretary, Cabinet Division, Islamabad
    Additional Secretary-III, Cabinet Division, Islamabad
    Director General (Tech), Dte Gen, ISI Islamabad
    Director (IT), Cabinet Division, Islamabad

    You might also like