by Brianna Crandall — December 20, 2017 — Brivo, a global provider of cloud-based physical security solutions, just announced that the company is continuing its cyberprotection of users by adding new cybersecurity defenses to its Brivo Onair platform against certain malware threats. Brivo Onair is a modern unified security platform that combines physical access control and video monitoring. From unlocking doors, to recording surveillance video, to giving access permissions to new employees and contractors, Brivo Onair is designed to offer a secure physical access control solution through the cloud.
Newly developed cyber security components that detect malicious “bots” as well as DDoS (Distributed Denial of Service) attacks have been embedded in Brivo’s Onair cloud service and associated on-premise controllers. As the rise of the Internet of Things (IoT) has underscored the need for rigorous cyberdefenses at the device level, Brivo has provided its customers with ongoing system updates that address the unique needs of commercial security platforms.
Steve Van Till, president and CEO of Brivo, stated:
Given the growing prevalence of exploits of IoT devices like controllers and cameras, we believe that frequent cyber defense updates are more important than ever. As both the cloud application provider and the device manufacturer, we are in a unique position to simultaneously update both pieces and provide coordinated, end-to-end defenses.
According to Brivo, “bots” are a type of malicious software that attempt to take over a computer or microprocessor system. The new bot detection in the Brivo’s controller firmware defends against these malicious agents by detecting the anomalous communications patterns they produce.
The new firmware also detects and limits abnormally high transmission rates that are the characteristic signature of DDoS attacks. After detection, Brivo’s Onair cloud then provides customers with alerts that allow them to begin to take corrective action.
The encryption used in Brivo’s newest door controllers, the ACS6000 and ACS300, supports the latest standards and longer key lengths: TLS1.2+ with AES256 encryption and a SHA256 certificate with a 4096-bit key.
Brivo says it maintains a continuous regimen of product vulnerability testing and publication of security updates to address new threats. Brivo Onair has reportedly been validated with more than a decade of information security audits, and has achieved the Cloud Security Alliance STAR designation as well as Privacy Shield certification from the US Department of Commerce. Brivo’s annual SOC 2 audits are conducted by an independent service auditor.
Brivo is a software-as-a-service (SaaS) company offering a complete suite of physical security products and services for commercial buildings, including access control, video surveillance, and mobile credentials. Currently serving over 10 million users, Brivo provides a scalable and centralized security management system, offering both access control and video management in a single cloud-based platform that is available via Web browser or mobile applications for anywhere, anytime management and control.