A couple weeks ago, Max Huff and I hosted a webinar discussing video surveillance in the cloud (watch the recording), which had approximately 35 minutes of presentation and another 25 minutes of questions and answers. Recently, we were also at ISC-West demonstrating some of our Pelco cloud-based solutions and many of the same questions were asked. This blog provides some ideas and answers to some of the most popular questions or discussion topics that have come up.
Q. Who owns the data in a Video Surveillance as a Service (VSaaS) solution?
A. The simple answer is that the end-user owns the data or at least they should own the data. As most “as a Service” offerings are sold on a subscription basis commonly with a monthly or yearly contract, suspension or termination of the service could lead to an inability to access your data. Most “as a Service” providers won’t delete data immediately upon termination, and you should check as data retention policies will vary. I have never heard of an “as a Service” provider effectively taking possession of an end-user’s data, and this is another point to confirm/validate.
This then leads to questions related to use of video as evidence. The same techniques associated with digital signing can apply to cloud-hosted data as on-premises video data.
Q. What are your recommendations for number of cameras and resolution best suited for VSaaS?
A. There are lots of variations of this question which I also frame as a Goldilocks conundrum – looking for an environment that is not too hard, not too soft, not too hot, not too cold…something that is just right. And, there will be lots of answers depending on who you ask. To start, I recommend looking at the IHS Markit VSaaS Reports. Even the complementary abstract will provide a good overview.
The consensus is that VSaaS, with most video stored in the cloud, is best suited today for small and medium businesses (SMB), franchises such as fast food restaurants, and Internet friendly entities with little to no on-site support, such as an elementary school. Common traits of these are lower camera counts, lower resolutions, and little to no regulatory policies on where video can be stored. Further, the consensus is that VSaaS for enterprises with a hundred, high resolution cameras or more simply isn’t practical today largely due to the Internet bandwidth needed to support the solution. ‘Practical’ is the key word here. And for many organizations, current regulatory or compliance mandates simply don’t permit video being stored off-site.
There is a lot of grey space in the middle, and my expectation is that an increasing percentage of surveillance video will be stored in the cloud especially as bandwidth becomes less of an issue and regulatory policies relax.
Q. Are VSaaS and Public Cloud secure?
A. If going to VSaaS, it is important to know who is actually hosting the service and where the data is physically stored. Commercial cloud hosting from Amazon Web Services (AWS), Microsoft Azure, Google Cloud, Rackspace and others, provide robust security and compliance options that are difficult and expensive for almost all entities or organizations to match. A great example in the US is FedRAMP for secure cloud services provided to federal agencies. Commercial cloud providers operate at scale and are well suited to keep systems patched and offer things such as FedRAMP compliance. Commercial cloud providers will also offer options for where data is physically stored which is essential in some countries. If a VSaaS vendor is hosting themselves, I would be leery.
There is a lot more to this topic. Another blog post is coming that will dive deeper into this topic, including networking options.
Q. What are my hybrid cloud options?
A. Assuming the core of a Video Management System (VMS) consists of cameras, storage, monitors, software, and networking to connect it all, there are a lot of options on how a VSaaS solution could be built. Most VSaaS solutions today will have some type of gateway device that could range from a basic network switch up to an appliance that provides some amount of on-premises storage, management, and potentially analytics.
Within IT, there is the notion of “hybrid cloud” where some amount of compute and storage is done on-premises (“private cloud”) and some amount is done in the “public cloud” (and often across multiple providers). The end-user of the application or solution doesn’t have to know what is running or stored where and might not even care.
The main point here is that there are options. You could stream directly from a camera to the Internet and a cloud hosted solution via a network switch or router. In general, however, some amount of on-premises storage and intelligence, spanning both cameras and an appliance, will help mitigate network outages and more efficiently utilize bandwidth.
Again, please watch the original webinar if you haven’t already done so. We go into more detail on the points above, and there are only a couple of very short Pelco mentions.
What other questions does this raise for you?