Dahua NIS2 White Paper

On December 14 2022, European Union (EU) adopted an updated version of the NIS directive to replace the initial NIS directive that was established in 2016. The new NIS directive (“NIS2”) addresses the limitations of the initial NIS directive through establishing with stricter cybersecurity requirements, and expanding the scope of entities and sectors that fall within the scope of the new directive. Overall, the NIS2 Directive focuses on those organizations that are essential and important in the supply chain of critical infrastructure.

How Can Dahua Products Help Users Comply with GDPR

General Data Protection Regulation · A new set of rules designed to give EU citizens more control over their personal data. · Entered into effect on May 25th, 2018. Influence on video surveillance system The end users, solution operators and service providers (“Organization”) may be the main data controllers or data processors defined by GDPR. Therefore,GDPR compliance at large depends on how Organization use the product or service. The Organization concerned should carefully select products and services which are used to process personal data.

Dahua Product Security White Paper v3.0

Without the prior written permission of Zhejiang Dahua Technology Co., Ltd. (hereinafter referred to as "Dahua"), no one may copy, transmit, distribute or store any content of this document in any form. The products described in this document may contain software copyrighted by Dahua and other third parties. No one shall copy, distribute, modify, extract, decompile, disassemble, decrypt, reverse engineer, lease, transfer, sublicense or otherwise infringe the copyright of the software in any form except with the permission of the relevant owner.

Dahua Product Security White Paper V2.0

The continuous and in-depth development of AIoT needs to be established on the basis of responsible, open, professional, and systematic cyber security and privacy protection. Dahua has always regarded cyber security and privacy protection as one of the company's highest programs, and has continued to set up special funds to ensure that the research & development and delivery of product security, research on key security technologies, and construction of security incident response system are steadily promoted. Before releasing the products, all of them must pass rigorous testing conducted by the attack and defense laboratory. At present, Dahua has achieved fruitful results in security technology areas such as trusted computing, data encryption, privacy protection, and attack and defense testing, and has integrated applications in a full range of products. This product security white paper aims to provide users with a deeper understanding of the security capabilities of Dahua products through a comprehensive elaboration of Dahua product security framework construction, security baseline practices, security technology applications, and security usage recommendations.

Dahua Product Security Hardening Guide V2.0.0

With rapid development of IoT network scale and application, continuous increase of audio/video multi-media application, network environment becomes more and more complicated. All kinds of network threats and attacks are emerging, and network security issue raises more and more concern. Network security events occur frequently, including Trojan virus, ARP spoofing, application and system attack and so on. In order to achieve the best cybersecurity, Dahua minimizes equipment security risks in product design, development and test and avoids network attacks on devices.However, equipment and service security require the response of the entire supply chain and the participation of end users. Therefore, we develop this security hardening guide to help you establish a security management system to ensure normal and safe operation of equipment and systems.

IoT Security Technology White Paper V1.0.0

The Internet of Things (IoT) connects huge amount of devices and takes us into a whole new world with all the things perceptive, connected and intelligent, thus greatly improves the social operation efficiency and makes people’s life convenient. IoT has a wide range of applications, including smart home, intelligent building, smart health-care,logistics, transportation, police affairs, etc. As predicted by Gartner, the number of world IoT devices will increase to 20.8 billion by 2020, and the combined growth will up to 34%. IoT will infiltrate to all aspects of people’s lives and reach a wide range of industries. From the security threats faced by the Internet of Things, this white paper mainly introduces the network security architecture, security technology and security strategy adopted by Dahua,including Digest Authentication, Data Package Filter, Data Access Strategy, Session Security, Network Security and so on.

Initialization and Password Reset for Storage Devices V3

In order to strengthen device security and ensure the safety of user information, new firmware on Dahua devices will feature initialization and password reset functions. When using networking cameras for the first time, users will need to initialize the device with a strong password. Users who have forgotten their password can reset it through email verification. Initialization:At the first time to use the device, a compulsory strong password setting is needed, and an user email address setting for password reset is recommended.The password ranges from 8 to 32 digitals. It can contain letters, numbers and special characters (excluding “'”,“"”,“;”,“:”,“&”) . The password shall contain at least two categories. The operation steps refer to attachment. Password Reset: If password is forgotten, users can reset the password by the following alternatives（for admin only）: a) QR code: Use Easy4ip or DMSS to scan the reset QR code and your email set before will receive the security code. Input the security code to reset the password of admin. b) Security questions: Answer the pre-set security questions to reset the password of admin. Only the local GUI of NVR/DVR support this method.

Best Practices

Cybersecurity is more than just a buzzword: it’s something that pertains to every device that is connected to the internet. IP video surveillance is not immune to cyber risks, but taking basic steps toward protecting and strengthening networks and networked appliances will make them less susceptible to attacks. Below are some tips and recommendations from Dahua on how to create a more secured security system.

Initialization and Password reset for Networking Cameras V1

In order to strengthen device security and ensure the safety of user information, new firmware on Dahua devices will feature initialization and password reset functions. When using networking cameras for the first time, users will need to initialize the device with a strong password. Users who have forgotten their password can reset it through email verification. Initialization:At the first time to use the device, a compulsory strong password setting is needed, and an user email address setting for password reset is recommended.The password ranges from 8 to 32 digitals. It can contain letters, numbers and special characters (excluding “'”,“"”,“;”,“:”,“&”) . The password shall contain at least two categories. The operation steps refer to attachment. Password Reset: If password is forgotten, users can reset the password by the following method（for admin only）: QR code: Use Easy4ip or DMSS to scan the reset QR code and your email set before will receive the security code. Input the security code to reset the password of admin.