Encryption and Security

Learn how Verkada’s Command software is built for compliance

Updated over a week ago

Verkada’s modern system architecture and security infrastructure ensures that there is
end-to-end encryption and validation of digital evidence from the camera to the Verkada Command software, and on to law enforcement and other external parties.

Benefits

  • End-to-end, state of the art Advanced Encryption Standard (AES), ensuring the security of data in storage and transit.

    • Permanent storage of digital evidence with full traceability to source.

    • System securely saves archives for the life of your subscription without requiring backup to other storage media.

  • User authentication on Verkada Command.

  • Role-based access controls give your administrators the ability to ensure only authorized personnel have viewing and management rights.

  • Complete audit logs allows for traceability on viewing, archiving, and user actions.

Security and authenticity by design

By developing a secure system from the start, Verkada has simplified and addressed
many of the inherent security risks of legacy digital evidence management systems:

Onboard storage

Verkada's video cameras securely store video and audio on the device. Video data stored on the camera is encrypted using modern Rivest–Shamir–Adleman (RSA) and AES encryption standards.

Authenticity is confirmed by our Public Key Infrastructure (PKI) and additional security can be made available for offline viewing and management. PKI encryption ensures that, even in the unlikely event that someone accesses your Verkada camera, it is impossible to extract any video data from its onboard storage.

Data is retained on the device for 30, 60, 90, 120, or 365 days (depending on the model purchased) and cannot be tampered with.

Data in transit

By default, all Verkada systems encrypt data in transit using Hypertext Transfer Protocol Secure (HTTPS)/Secure Socket Layer (SSL) to prevent anyone from intercepting or altering the data communications. Thumbnails, firmware updates, and settings are securely transmitted between the cloud and device using AES 128-bit encryption, Transport Layer Security (TLS) v1.2, and RSA2048.

Data in the cloud

Data is redundantly stored within Amazon Web Services (AWS) S3 data storage system. All data is securely encrypted using AES 256 PKI.

Data at rest (locally on the camera)

30+ days of video is securely encrypted on the solid-state storage of the camera using AES 128-bit encryption.

Data at rest (AWS)

Archived videos, user history, and audit logs are securely stored in AWS using AES 256-bit encryption.

User authentication

Verkada has stringent password requirements and session management to ensure security, and supports Security Assertion Markup Language (SAML)/OAuth for single sign-on and 2-factor authentication (via SMS and authenticator applications).

Role-based access control

Verkada Command supports control over the locations, cameras, and functions (such as viewing, sharing live, archived video clips, and notifications) that ensure only authorized personnel can manage camera feeds and archives.

  • Audit logging: All actions in Command are tracked and available for review and export by administrators and law enforcement (as necessary). When a user archives and downloads a clip, those actions are recorded to confirm appropriate personnel are performing the action.

  • Secure archive sharing: Video archives are created through the system and can
    securely be shared with individuals (internally or externally) of the organization. These permissions are time-bound and enable secure viewing of the video.

Did this answer your question?