5 Common Myths About Your NVR or DVR Video Monitoring System

Originally published October 18, 2018

Security is paramount for organizations these days, and most good protection strategies include video monitoring cameras.

More often than not, the default enterprise system centers around either a network video recorder (NVR) or digital video recorder (DVR) to capture footage from the various cameras that monitor the premises. While plenty of companies have found success using DVR and NVR systems, it can also be fraught with under-discussed pain points.

As people continue to ignore everything from hidden costs and challenging installations, to unforeseen cybersecurity concerns and scalability limitations, the following five myths still circulate about these systems.

Issues run the gamut—from inconvenient, to expensive, to potentially devastating—making it imperative to understand the pros and cons of any security system.

Myth

#1: NVRs/DVRs Are the Most Economic Monitoring Solution

While it’s true that NVR security and DVR security systems are often among the most affordable options out of the box, focusing on upfront costs alone could prove to be short sighted. The truth is that a DVR or NVR security system includes many hidden costs that only become apparent after the initial hardware investment has been made.

Enterprises should be aware of the ongoing IT maintenance expenses associated with CCTV cameras, which can add up quickly since reviewing footage can be slow and tedious with the outdated software solutions available. Upgrading services and storage, replacing equipment that fails, and expanding the system as you grow will all require additional expenditures.

While NVR/DVR devices are available with 16 or even 32 channels, many locations initially use smaller models that only support four or eight camera inputs. Though this may be sufficient when the office opens, in time, the company might have to add more NVRs or DVRs to accommodate additional cameras.

Myth #2: NVRs/DVRs Offer the Utmost Reliability

One selling point boasted by NVR/DVR providers is the system’s reliability. This is overhyped for various reasons, but the most significant is the reliance on what can become a single point of failure.

First and foremost, when an NVR or DVR stops functioning, all the connected cameras fail with it. So rather than just having one entry point or area left without wireless security camera monitoring, the entire facility enters a blackout—a potentially disastrous result, which malicious actors can exploit.

Moreover, this type of failure means you don’t just lose the ability to monitor the site when the system malfunctions. You will potentially lose historical footage that may be tied to an earlier incident of consequence. And when retention protocols come undone, legal risks emerge.

Then comes the small stuff. A loose cable connecting a camera to the on-premise recorder , for example, would result in camera downtime, that is unlikely to be discovered until footage needs to be pulled from DVR records. This lack of coverage for hours, days, or even weeks is in violation of video retention laws that require a certain period of footage to be stored on-premise.

Myth #3: NVRs/DVRs are Easy to Install

DVR systems are usually billed as foolproof solutions, since they allow operators to simply attach cameras to the device by plugging in a few cables and expecting uninterrupted HD video recording in return. NVR systems are known to require a bit more effort in terms of setting up networked cameras. But both are sold with the promise of being very simple to implement and use.

However, all the equipment still has to be configured to communicate with each other and software must be run on top of the system if you want to monitor the video locally.

This, of course, requires a monitor to be input, as well—while viewing remotely necessitates the addition of a router that passes the footage through a firewall then through the internet to be seen on computers, smartphones, or other devices. Add in all, the cables and installation of software on remote access devices and your seemingly plug-and-play system becomes anything but.

Myth #4: NVRs/DVRs Are Secure

Because a DVR or NVR security system is located on site, it can be self-contained locally and remain fully disconnected from the wider internet. In theory, this makes it incredibly difficult for malicious actors to hack and manipulate.

But most enterprises will want some sort of remote access to their IP cameras. Monitoring live footage is critical when it comes to responding to serious incidents in real time. (This is one of the main reasons many organizations need monitoring in the first place.) And from an IT perspective, making firmware or other updates remotely saves time, money, and hassle.

So while a NVR/DVR system could potentially be air gapped from the world and fully protected, in order to use a video recorder in the way most companies want to, you have to drop its security defenses. Any established firewall must be punched through to establish remote access, and a VPN (even when established properly) can still expose your system to some of the worst network risks.

This helps explain why Symantec, in its benchmark (ISTR), (ISTR), ranked DVR security systems second on its list of vulnerable devices involved in the Internet of Things attacks against its honeypot. Cameras also made the top ten, coming in eighth.

Myth #5: NVRs/DVRs Are Scalable, Regardless of Enterprise Size

While these systems can offer a low cost of entry, any savings can quickly vanish as a business tries to scale up its video security. What works well in a single location can be difficult and expensive to roll out across multiple sites.

Even more than the cost, many companies come to disdain the hassle of having a new on-premises device in every building. Not only does this require a small army of employees to follow retention and other protocols across all the different locations, but it also adds time and requires more personnel when it comes to servicing, updating, and generally managing the system.

And in each location, the organization will now have an additional point of failure. This issue is magnified by the fact that the segmented nature of the various DVR and NVR devices requires that they all be monitored separately if you want them to be protected against cyber threats.

While conventional video systems may be adequate for home security and certain organizations or use cases, modern enterprises should keep these NVR/DVR myths and challenges in mind as they make forward-looking decisions about their video monitoring systems.