Appendix 5 Security Commitment And Recommendation - Dahua NVR52-4KS2 Series User Manual

Appendix 5 Security Commitment and
Dahua Vision Technology Co., Ltd. (hereinafter referred to as "Dahua") attaches great importance to
cybersecurity and privacy protection, and continues to invest special funds to comprehensively
improve the security awareness and capabilities of Dahua employees and provide adequate
security for products. Dahua has established a professional security team to provide full life cycle
security empowerment and control for product design, development, testing, production, delivery
and maintenance. While adhering to the principle of minimizing data collection, minimizing
services, prohibiting backdoor implantation, and removing unnecessary and insecure services (such
as Telnet), Dahua products continue to introduce innovative security technologies, and strive to
improve the product security assurance capabilities, providing global users with security alarm and
24/7 security incident response services to better protect users' security rights and interests. At the
same time, Dahua encourages users, partners, suppliers, government agencies, industry
organizations and independent researchers to report any potential risks or vulnerabilities
discovered on Dahua devices to Dahua PSIRT, for specific reporting methods, please refer to the
cyber security section of Dahua official website.
Product security requires not only the continuous attention and efforts of manufacturers in R&D,
production, and delivery, but also the active participation of users that can help improve the
environment and methods of product usage, so as to better ensure the security of products after
they are put into use. For this reason, we recommend that users safely use the device, including but
not limited to:
Account Management
1. Use complex passwords
Please refer to the following suggestions to set passwords:
The length should not be less than 8 characters;
●
Include at least two types of characters: upper and lower case letters, numbers and symbols;
●
Do not contain the account name or the account name in reverse order;
●
Do not use continuous characters, such as 123, abc, etc.;
●
Do not use repeating characters, such as 111, aaa, etc.
●
2. Change passwords periodically
It is recommended to periodically change the device password to reduce the risk of being
guessed or cracked.
3. Allocate accounts and permissions appropriately
Appropriately add users based on service and management requirements and assign minimum
permission sets to users.
4. Enable account lockout function
The account lockout function is enabled by default. You are advised to keep it enabled to
protect account security. After multiple failed password attempts, the corresponding account
and source IP address will be locked.
5. Set and update password reset information in a timely manner
Dahua device supports password reset function. To reduce the risk of this function being used
by threat actors, if there is any change in the information, please modify it in time. When setting
security questions, it is recommended not to use easily guessed answers.
Recommendation
474
User's Manual