VIDEO SURVEILLANCE

Advanced Data Protection and Cyber Resilience for Surveillance Systems

May 29, 2025By Daniel Collins

Surveillance systems may not win any Oscars for cinematic achievement, but they contain valuable data that malicious actors seek to breach. As the volume of surveillance video grows, the work of storing and protecting the data has become increasingly challenging. On-premises systems simply cannot keep up. Nor is it easy to establish cyber resilience, which is essential for compliance and risk management.  The solution comes in the form of hybrid cloud storage, which delivers continuous data availability and resilience against cyber threats. 

The growing need for advanced data protection 

Surveillance systems have evolved from relatively small-scale, standalone solutions to networked, cloud-integrated ecosystems that ingest video feeds from dozens, if not hundreds or even thousands, of cameras. Modern surveillance systems generate an immense amount of data. A single camera might generate as much as 400 GB of video data each month. That means a 500-camera system, which is not uncommon, would produce a staggering 2.4 petabytes of data each year.  

All of this video data is exposed to cyber risk. This might seem counterintuitive. After all, who would want to get their hands on videos showing hours of parking lots and factory floors? Yet, one person’s dull video is another’s industrial espionage gold mine, to name just one of many reasons why hackers are targeting surveillance video. Other reasons include “hacktivism,” which is a politically motivated desire to disrupt or embarrass corporations or governments. 

Video feeds from your surveillance cameras can also contain sensitive personal information—faces, names, license plate numbers—and trade secrets. They might provide material for blackmail or the creation of “deepfake” videos that can cause reputational damage.  

In some cases, you will be compelled to preserve surveillance data for compliance reasons or to satisfy insurance policy requirements. If you are bound by these rules, you will be eager to pay a ransomware attacker to decrypt your video data. Otherwise, you may face fines or other penalties for non-compliance.  

The role of hybrid cloud in video surveillance security 

The expanding scale of surveillance video data sets is outpacing the capacity of on-premises storage systems. Onsite storage infrastructure also represents a single point of failure. In the event of a fire, natural disaster, or theft, the video files are gone.  

Hybrid cloud architecture offers a way forward. You may want to store some of your surveillance video stored on-site, for reasons of performance and latency. As the on-premises storage fills up, older files can go to cloud storage. This hybrid-cloud architecture allows an optimal balance between local and cloud storage. The cloud, infinitely scalable and redundant, gets you away from the risk of a single point of failure. You don’t have to worry about scaling up on-premises storage capacity if your video system adds cameras when the ceiling on your storage capacity is near-infinite.  

Second copy for mission-critical cameras: ensuring data resilience 

Already common practice for other IT workloads, organizations responsible for storing video surveillance data should also adopt the practice of creating a second copy of files from mission-critical cameras. Such a practice could involve implementing the 3-2-1 rule, a data protection strategy that entails making three copies of data, stored on two different types of media, with one offsite copy. The goal needs to be zero data loss. Such data resilience also serves the needs of compliance and the avoidance of liability. Without a backup copy, organizations are vulnerable to hardware failure, vandalism, and data corruption. 

Instant access to surveillance footage is essential in the event of a primary system failure. Such rapid access may be necessary for law enforcement to apprehend trespassers or emergency services teams that need to identify the source of a fire or locate injured people. Longer term, reliable access to archived video may be required by insurance carriers and regulatory authorities that want to review the details of an accident or disaster.  

In some cases, retention of video files is a matter of law or mandatory industry frameworks. For example, chemical plants must abide by the US federal government’s Chemical Facility Anti-Terrorism Standards (CFATS), which mandates security measures that include video surveillance at high-risk facilities. Alternatively, even without government rules, many businesses record videos to use in litigation or in disputes with insurance carriers, e.g., if an employee sues for a workplace injury, a video record of the event can be useful in establishing what actually happened. 

Cloud storage provides a simple way to realize the data resiliency objective for surveillance video. It is possible to configure Wasabi Surveillance Cloud, for example, to perform automated backups of video data on a continuous basis. This is a “set and forget” configuration that provides the compliance and liability-reduction benefits of offsite video storage.  

Best practices for cyber resilience in video surveillance 

Video storage professionals have embraced best practices to ensure cyber resilience. These include: 

  • Implementing a zero-trust security model for surveillance networks—The vast majority of surveillance video is never viewed. For this reason, it’s tempting to think that no one wants to see. This is a fallacy. If it’s sensitive data, it requires robust cyber protections. The zero-trust (ZT) model helps realize this goal. By adopting a “never trust, always verify” default response to access requests and then restricting access to the narrowest possible scope of file access, ZT reduces the likelihood of unauthorized access to surveillance video.  

  • Using role-based access controls (RBAC) to restrict unauthorized access—It can be difficult to keep track of user access privileges on an individual basis. An employee might work in a role that requires access to surveillance video but then transfer to a role where he or she does not need such access. If an admin does not know (or remember) to revoke their access, the user will retain an access privilege they no longer need. That creates risk exposure. RBAC helps solve this problem by assigning access by job role. This way, when the user changes roles, their access automatically goes away, reducing risk in the process. 

  • Requiring multiple approvals for critical account actions—Ideally, if a user wants to take a major step with video data, such as deleting or exfiltrating it, a manager or other qualified person must approve the action. Wasabi’s unique Multi-User Authentication feature facilitates this process. It requires multiple authorized people to confirm critical account actions.  

  • Conducting regular security audits and penetration testing for surveillance infrastructure—It’s a good idea to audit the controls and countermeasures you’ve deployed to protect your surveillance video data. For example, you might want to conduct penetration testing (pentesting) or other types of red teaming to determine if malicious actors can access your videos despite your best efforts at defense. Some companies do this on a periodic basis using external consultants. An alternative is to use automated pentesting software that continuously mounts white-hat attacks on your video infrastructure to find gaps in security. Auditing physical security in data center facilities is a related best practice. Wasabi’s storage regions, for example, are SOC 2 compliant and certified for ISO 27001 and PCI-DSS. 

  • Ensuring continuous operations through cloud-integrated disaster recovery planning—Surveillance video data should be included in disaster recovery (DR) planning. The goal is to ensure uninterrupted operations in the event of an outage, natural disaster, or cyberattack. Cloud integration simplifies the achievement of this goal by providing an endlessly scalable failover instance for video data.  

  • Using cryptography to protect the video data—Cryptography can render your data unusable to a malicious actor if they are successful in breaching it. This might mean using server-side encryption (SSE-C) to protect video data at rest and in transit. Wasabi offers this capability, along with the ability to use cryptographic hashing that renders video data immutable. A malicious actor will be unable to alter or delete data that has been secured in this way, making it a strong countermeasure against ransomware.  

Conclusion: future-proofing surveillance with secure cloud storage 

The old saying that we can’t predict the future does not apply to surveillance video. The future will bring the need to capture and store ever-increasing volumes of video data, and threats to the data will likely grow more sophisticated. These predictions should motivate us to prepare and future-proof our surveillance video storage practices. Prioritizing a cyber-resilient approach to video surveillance can take a variety of forms, but cloud storage should be at the top of the list. Wasabi’s hot cloud storage can make it happen. Wasabi, whose Surveillance Cloud has been created for this purpose, enables seamless, cost-effective, and highly secure video storage. 

To learn more, visit Wasabi’s Surveillance Use Case Page.

Related article

object lock
DATA PROTECTION

Why immutability is free at Wasabi

Most Recent

Recovery tax: how a single recovery event can be a disaster for your TCO

The high cost of data retrieval from hyperscale cloud storage can make an already difficult situation even more complex.  

The role of cloud object storage in the AI data pipeline

Efficiently managing data throughout the AI data pipeline is essential to ensuring AI initiatives remain cost-effective and technically feasible.

You shouldn’t have to pay to verify Your backups

Regular backup checks are important to the health of your overall security strategy, but they can also complicate your budget.

SUBSCRIBE

Storage Insights from the Storage Experts

Storage insights sent direct to your inbox.

Subscribe