NDAA Compliance for Security Camera Systems
The National Defense Authorization Act (NDAA) is a U.S. federal law that has far-reaching implications for the global technology and security sectors. One of its most significant impacts is on the video surveillance industry, particularly concerning IP security cameras. This article delves into the importance of NDAA compliance for IP cameras and why consumers and businesses should prioritize NDAA camera compliance.
Summary: List of vendors with NDAA compliant security camera systems
- Coram AI
- Rhombus Systems
- Cisco Meraki
- Avigilon Unity
- Avigilon Alta
- Bosch Security Systems
- Axis Communications
- Hanwha Techwin America
- ACTi Corporation
- Digital Watchdog
What is NDAA?
The National Defense Authorization Act (NDAA) is a U.S. federal law that outlines the budget and expenditures for the U.S. Department of Defense. In recent years, the NDAA has included provisions prohibiting certain technology equipment and services from specific manufacturers, primarily those based in China. These prohibitions are due to concerns over national security and the potential for foreign espionage.
NDAA Camera Compliance and the HiSilicon Chipset
The NDAA has prioritized video surveillance and security cameras, making it crucial for U.S. organizations, especially those working with the U.S. federal government, to ensure their surveillance equipment is compliant. Fundamentally, any camera that includes a chipset from HiSilicon is not NDAA compliant. Notable vendors that have used HiSilicon chipsets in their products include Hikvision, Dahua, Lorex, and Amcrest. Before making a purchase, always check if the cameras are NDAA compliant to prevent risk of cybersecurity attacks.
NDAA Cameras and the Global Tech Landscape
Over the past several years, the U.S. and China have been engaged in a series of regulatory sanctions regarding data captured by hardware and software products. The U.S. Congress banned government use of telecommunications equipment by specified Chinese manufacturers in 2018 due to concerns over politically motivated cyberattacks. In 2020, the House of Representatives approved the IoT Cybersecurity Improvement Act, which regulates purchasing connected devices based on cybersecurity features and vulnerabilities.
Why NDAA Camera Compliance is Important
Federal Funding: Any organization acting as a contractor for any federal agency must comply with NDAA's prohibitions to receive any funding from the federal government.
Global Implications: NDAA's effects are felt globally. Businesses with U.S.-based headquarters might be advised by their parent companies to avoid blacklisted manufacturers.
Trust and Security: NDAA compliance is a benchmark for security and trustworthiness.
Enhanced Cybersecurity: NDAA-compliant products have enhanced cybersecurity features.
NDAA Compliant Camera Chipsets
After determining the manufacturer of the cameras and recorders, it's essential to identify who manufactures the chipset or the 'brains' of security camera system. Under the brand HiSilicon, Huawei is the world's largest distributor of chips to the surveillance industry which has been banned under the NDAA.
Some examples of alternative NDAA-compliant chips are Ambarella, MStar, SigmaStar, and Intel. When picking a vendor for the IP cameras, you should check if they contain one of these NDAA compliant security camera chips.
Vendor Selection in the Age of NDAA Cameras
Choosing a vendor in today's uncertain environment requires thorough evaluation. It is essential to evaluate vendors based on their compliance with Section 889 of the 2019 National Defense Authorization Act. Additionally, understanding where hardware and software components are sourced from is crucial.
Coram AI IP cameras avoid the chipsets banned under NDAA, and hence, Coram AI IP cameras are NDAA compliant. Furthermore, Coram Point (cloud NVR for IP cameras) has two ethernet ports. Hence, the customers can isolate cameras on a separate LAN that is not exposed to the internet. You should also consider whether the video security vendors are audited for cyber security vulnerabilities under SOC2 Type II. Coram AI is SOC2 Type II audited.
In an era where cybersecurity threats are rampant and the integrity of video surveillance data is paramount, NDAA compliance offers a layer of assurance. It ensures that the products being used are free from potential foreign governmental interference and meet high cybersecurity standards. For businesses and consumers alike, purchasing NDAA compliant security camera systems is a step towards a more secure and trustworthy surveillance infrastructure.