Verkada Security

Verkada’s solution has a secure configuration out of the box, featuring encryption in transit and at rest.

Device Security

At Verkada, security is the design foundation of our cameras.

  • Durable Design

    Torx Screws and IK10 rated impact protection mean our cameras are some of the most durable and tamper-resistant on the market. Devices monitor their physical state, and notify organization admins if tampering occurs.

  • Automatic Cloud Backup Available

    Verkada cameras can automatically sync their local storage to the cloud, for high availability and data resilience. On-device data remains protected and encrypted.

  • Firmware Updates

    Verkada cameras are designed to apply firmware updates automatically. That means you won't miss out when we roll out new features or critical security updates.

  • Encryption at Rest and in Transit

    Camera footage is stored locally on devices for up to 365 days and is encrypted using AES-128. We encrypt video data in transit to the cloud using TLS 1.2 or greater.

Cloud Security

Verkada’s Command Platform is hosted in Amazon's AWS cloud infrastructure which features some of the best data security and reliability in the world.

  • Cloud Managed

    Verkada cameras are only managed using outbound connections to the cloud, helping to protect against unexpected local network activity. Verkada devices do not require additional security hardware to be deployed on the network.

  • No Port-Forwarding

    Verkada cameras do not require port forwarding; a major vulnerability and headache of enabling remote access on traditional NVR systems.

  • Local Data Residency

    Certain regulations limit the processing and storage of an organization's data to its country of origin. Verkada is proud to offer processing and storage in the US and EU.

  • Encryption at Rest

    Footage is encrypted at rest in the cloud using AES-256.

Product Security

Verkada empowers you to control sign on, manage access to your systems, and gain visibility into when, where and how users access the system.

  • Single Sign On

    We support integrations with the most trusted Single Sign-On providers in the industry, including Okta, OneLogin, Google Workspace, JumpCloud, and Azure Active Directory.

  • Multi-Factor Authentication

    Verkada supports multiple factors for authentication including Passkeys, TOTP and HOTP one-time passwords (e.g., using Google Authenticator), magic email links and SMS codes.

  • Role Based Access Control

    Easily customizable access settings allow you to thoughtfully assign access to only the right people.

  • Enhanced Audit Logs

    Audit logs help reveal who has accessed your system, and any changes they have made. Audit logs include actions by Verkada support personnel and are API accessible.

  • Support Permissions

    Verkada support personnel may only access customer information through Verkada’s Support tools when explicit support access is granted.

Application Security

  • Regular Penetration Testing

    We use external parties to conduct detailed penetration tests, covering device, application, and cloud security.

  • Bug Bounty

    Verkada recognizes the importance and impact of the broader security community, and awards leading bug bounty researchers awards of up to $10,000 for confirmed security findings. Reported discoveries are investigated and promptly addressed.

  • SOC 2 Type 2

    Verkada validates compliance with industry standards in the design and performance of controls for handling customer data securely. A copy of Verkada’s SOC 2 Type 2 attestation report is available.

  • Vulnerability Disclosure Program

    Verkada believes in responsible security research and disclosure of security vulnerabilities. Responsible disclosure helps us promote the continued security and privacy of Verkada customers, products, and services. Please report potential security and privacy vulnerabilities to us via our Vulnerability Disclosure Program.

Customers in
Regulated Areas

Try Verkada For Free

30-day trial includes a Verkada controller, reader, and full access to the Command management platform.