Overview
Verkada systems are designed with the needs of law enforcement in mind. Specifically, we understand that an enterprise-grade video security system must be able to support requirements, such as chain of custody, in a way that enables easy sharing of information while holding up under legal scrutiny.
Highlights
End to end state-of-the-art AES encryption, ensuring the security of data in storage and transit
Permanent storage of digital evidence with full traceability to source
Complete audit logs allowing for traceability on viewing, archiving, and user actions
Secure sharing capabilities inside and outside of the organization
Security and authenticity by design
Verkada’s modern system architecture and security infrastructure ensures that there is
end-to-end encryption and validation of digital evidence from the camera to our Command software and on to law enforcement and other external parties.
On-board storage: Verkada's video cameras securely store video and audio on the device. Video data stored on the camera is encrypted using modern RSA and AES encryption standards. PKI encryption ensures that, even in the unlikely event
that someone gets their hands on your Verkada camera, they'll find it impossible
to extract any video data from its onboard storage. Data is retained on the device
for 30, 60, 90, 120, or 365 days (depending on the model purchased) and cannot be tampered with.Data in transit: By default, all Verkada systems encrypt data in transit using
HTTPS/SSL to prevent anyone from intercepting or altering the data
communications. Thumbnails, firmware updates, and settings are securely transmitted between the cloud and device using AES 128-bit encryption, TLS v1.2, and RSA2048.Data in the cloud: Data is redundantly stored within Amazon Web Services' S3
data storage system. All data is securely encrypted using AES 256 PKI
infrastructure.Data at rest (locally on the camera): 30+ days of video is securely encrypted on the solid-state storage of the camera using AES 128-bit encryption.
Data at rest (AWS): Archived videos, user history, and audit logs are securely stored in AWS using AES 256-bit encryption.
User authentication on the Command application: Verkada has stringent
password requirements and session management to ensure security, and
supports SAML/OAuth for single sign-on and 2-factor authentication (via SMS and
authenticator applications).Role-based access control: Our secure cloud management software, Command,
supports control over the locations, cameras, and functions (such as viewing,
sharing live, archived video clips, and notifications) ensuring that only authorized
personnel is managing camera feeds and archives.Audit logging: All actions in Verkada's Command application are tracked and
available for review and export by administrators and law enforcement (as
necessary). When a user archives and downloads a clip, those actions are
recorded to confirm appropriate personnel is performing the action.Secure archive sharing: Video archives that are created through the system can
securely be shared with individuals inside or outside of the organization. These
permissions are time-bound and enable secure viewing of the video.
Benefits of our approach
By developing a secure system from the start, Verkada has simplified and addressed
many of the inherent security risks of legacy digital evidence management systems. No longer are video clips subject to chain of custody or non-repudiation claims - the system securely saves archives for the life of your subscription without requiring backup to other storage media. Authenticity is confirmed by our PKI infrastructure, and additional security can be made available for offline viewing and management. Role-based access controls give your administrators the ability to ensure only authorized personnel have viewing and management rights. Finally, audit logs are redundantly stored in the cloud and track all actions taken with any camera on the system giving you and law enforcement a full view of the staff involved in gathering and exporting data.