shutterstock_399288955

Target, one of the nation’s largest retailers with over $70B in annual revenue, was hacked in 2013 and their customers credit card information was stolen. This cost them $100M+ in settlements alone.

How did the hackers get in? Through a web server running an HVAC system. Why would an IT department allow a web server on their corporate LAN? You’re probably doing it right now. How does your Video Surveillance system work? It’s almost certainly an NVR (Network Video Recorder), which is just some ‘security’ company’s offshore C++ project put under trheir brand and running on a Windows machine. Same thing with your Access Control system.

Any Video Surveillance or Access Control system made and deployed over the last several decades by the name brand security system vendors works the same way, they have open ports (e.g. 80 and 443, sometimes 22 and others) and offer up services (e.g. web and SSH). If you’re going to access these from off site, so can any bored hacker on the planet.

Remember the DDOS attack on DynDNS near the end of 2016? It took half the Internet down. Their botnet was largely comprised of Network Cameras and NVR’s that all used the same firmware vendor in Taiwan. Even after the IT department that bought these products changed the passwords, there was still an attack vector that used the default credentials. There was literally nothing the IT department could do to prevent their devices from being taken over, other than blocking off access from the outside world — which, given their outdated server architecture, would have rendered their systems useless.

Cloudastructure’s on premise hardware, the CVR and CDC, do not have any open ports. They offer up no internet services. They will get a 100% A+ on every penetration test you throw at them. They require no port forwarding in your router or holes in your firewall, your network stays secure. How do they work, then? All they do is phone home to Cloudastructure over HTTPS, just like one of your employees logging into Gmail or Bank of America would — exactly the kind of network usage you want to see in your logs.

Cloudastructure’s solution:

  • No open ports on any of our devices on your LAN
  • No port forwarding in your router
  • No holes in your firewall
  • All devices on your network make outbound HTTPS connections to Cloudastructure
  • 100% A+ penetration test results for both our devices and your network

Facilities would probably keep buying the incumbent solutions, and running web servers from the corporate LAN. Now that IT is involved in most of these projects, however, that solution is is being shown as the Bad Idea that it is. There just haven’t been an alternative, until Cloudastructure.


Rajeev Kak
Chief Marketing Officer
Mr. Rajeev Kak has over 20 years' experience in managing global marketing, sales and business development teams with several successes in driving new product introduction, new market development with global marketing launch and marketing programs management experience in large companies as well as start ups. Rajeev is an energetic, digital-savvy marketer with several achievements in product strategy, product marketing, lead generation, pipeline nurturing and inside sales, as well as mobile and social media marketing. Rajeev was recognized as one of Top 50 Most Talented CMOs for 2014 by CMO-Asia publication and World Marketing Congress. Previously, at SAP, Rajeev was one of the founding team members and headed the marketing function for a strategic ecosystem marketplace initiative SAP EcoHub and received the MVP award for leading a very successful global market launch. Besides SAP, Rajeev also held senior management roles at various companies including Adobe Systems and i2 Technologies. Rajeev is an engineering graduate from IIT Delhi, he has completed MBA (Marketing) from FMS, Delhi University and has a Masters degree in Management Information Systems from Texas Tech University.