The Importance of TPM and NDAA-Compliant Video Appliances

Feb 8, 2022 | Blog

From the desk of BCD’s Chief Technology Officer Eugene Kozlovitser

At BCD, we focus on the three intangible things when building each system, regardless of size and scope: reliability, scalability, and accountability.

The most important things we incorporate on all our systems are much more tangible—Trusted Platform Module (TPM) and National Defense Authorization Act (NDAA) compliance. All BCD appliances come standard with these features pre-configured and fully compliant right out of the box.

When procuring video surveillance storage for your next project, common denominators such as CPU performance, storage capacity, and throughput should be a secondary concern. The primary concern should be that the vendor is providing a system that is secure and in compliance with ISO 20243, particularly when it comes to assurances regarding the supply chain. Today more than ever, it is essential that video appliances are held to an IT standard, including TPM and NDAA compliance. The importance of making these properties a top priority has become a standard for end-customer expectations.

With the utilization of an ISO 20243 certified supply chain, integrators and end customers can have confidence in the security and compliance assurances of every BCD server and workstation. Under best practices for all assembly and product lines, we incorporate the means necessary to offer advanced vulnerability prevention, counterfeit component prevention, and prevent malicious parts tampering, all while continually updating and documenting mitigation plans for risk reduction from assembly to shipping.

NDAA compliance assures that the video recording appliance does not include System on Chip (SoC) or other components capable of processing software from banned Chinese companies. All BCD servers and workstations use NDAA-compliant chipsets as a standard. Having the NDAA seal of approval guarantees that the product is fully supported under those regulations as federal agencies have banned all non-compliant equipment from RFQ’s and projects. Those companies not adhering to NDAA standards are unable to work with any federal organization via a published blacklist. Business and commercial entities are also following suit, as they have privacy concerns consistent with the federal government as well.

Trusted Platform Module enhances computer privacy and security. Consider it a hardware-level security measurement to protect your video recording device from malicious attacks. Once the TPM module is enabled, that physical chip is now permanently tied to that specific server or workstation and cannot be moved to any other system. TPM-based microchips on system boards offer another layer of hardware and intrusion security.

This software agnostic TPM module is utilized for high-level security file encryption, network security, and password management. These modules are secured by cryptographic algorithms and ensure total system security for the most sensitive data on your video recording system. As a matter of fact, TPM modules are a standard requirement from every video management software manufacturer and independent software vendor in the security marketplace.

The combination of NDAA compliance and TPM in your BCD recording appliance brings an elevated security standard for hardware with onboard root-of-trust, delivering full protection from both the outside in—and the inside out.