Hey, I'm looking for some advice from those who have more experience in cybersecurity and networking. We recently set up a physical security system that has its own onsite "server." This server isn't connected to our domain—it acts more like an appliance. However, the software needs to communicate with a mobile app for our managers to monitor alarms and cameras from their phones, which means we have to open port 443 (or possibly another port). My main question is: how risky is it to open this port? While we can use strong passwords to protect against brute force attacks, does opening this port let in other unwanted traffic? What measures can we take to ensure this is done safely?
2 Answers
The real concern isn't so much about opening the port itself, but what software is running on the backend. If it's a web server or something similar, you'll need to get more details about its security features.
When you open this port, it doesn't directly allow unwanted traffic, but if the server has any vulnerabilities, someone could exploit those to gain access to your network. To be safer, consider what devices need access and limit it to essential users only.
Exactly. And since it shows sensitive information like camera feeds, you should think hard about having that available over the internet.
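To make the "limit it to essential users only" advice from the answers concrete, here is an added example (not part of the original thread) that evaluates two constructed firewall rule sets, first match wins, and shows who can reach the appliance on port 443 under each. The appliance address, the allowlisted range and the rule format are all assumptions made for illustration.

```python
import ipaddress

# Constructed inbound rule sets for an edge firewall, evaluated first-match.
# Every address below is a private or documentation range made up for this example.
APPLIANCE = "10.0.50.10"  # hypothetical LAN address of the security appliance

OPEN_FORWARD = [  # 443 forwarded from anywhere
    {"src": "0.0.0.0/0", "dst": APPLIANCE, "port": 443, "action": "allow"},
    {"src": "0.0.0.0/0", "dst": "0.0.0.0/0", "port": None, "action": "deny"},
]
RESTRICTED_FORWARD = [  # 443 forwarded only from an allowlisted source range
    {"src": "203.0.113.0/28", "dst": APPLIANCE, "port": 443, "action": "allow"},
    {"src": "0.0.0.0/0", "dst": "0.0.0.0/0", "port": None, "action": "deny"},
]

def matches(rule, src, dst, port):
    """True if the rule covers this source, destination and port (None = any port)."""
    return (ipaddress.ip_address(src) in ipaddress.ip_network(rule["src"])
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule["dst"])
            and rule["port"] in (None, port))

def decide(rules, src, dst, port):
    """Action of the first matching rule; default deny when nothing matches."""
    for rule in rules:
        if matches(rule, src, dst, port):
            return rule["action"]
    return "deny"

def audit(rules, dst, port):
    """Flag allow rules that expose dst:port to every source address.
    Simplification: earlier deny rules that would shadow an allow are not considered."""
    findings = []
    for i, rule in enumerate(rules):
        any_source = ipaddress.ip_network(rule["src"]).prefixlen == 0
        if rule["action"] == "allow" and any_source and matches(rule, "0.0.0.0", dst, port):
            findings.append(f"rule {i}: {dst}:{port} is reachable from any address")
    return findings

if __name__ == "__main__":
    stranger = "198.51.100.7"  # constructed unrelated internet host
    for name, rules in (("open", OPEN_FORWARD), ("restricted", RESTRICTED_FORWARD)):
        print(name, decide(rules, stranger, APPLIANCE, 443), audit(rules, APPLIANCE, 443))
```

With the open forward, any internet host reaches the appliance's web service and its security then rests entirely on that software; with the restricted rule, the same host is dropped at the firewall before it can talk to the appliance at all.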