A new small business client called us after noticing “odd behavior” on their network and wanting a second opinion on their video surveillance setup. Their cameras and NVR were recently installed by a local alarm company. Everything appeared to be working—until we reviewed how remote access was configured.
This is a perfect example of why “installed” doesn’t always mean “installed correctly.”
Remote Access: Port Forwarding Should Be the Last Resort
When it comes to remote viewing, port forwarding should be a last-effort option, not the default approach.
The most secure remote-access methods typically include:
- Cloud connector solutions (manufacturer or enterprise-grade connectors designed for secure remote access)
- Reverse proxy architectures that avoid exposing the NVR directly to the public internet
These approaches are preferred because they reduce attack surface and keep the NVR from being openly reachable from anywhere on the internet.
If port forwarding is truly the only option, the safer approach is:
- Use a VPN for remote access (so only authenticated users on the VPN can reach the NVR)
- Segregate the NVR onto its own VLAN to limit risk to the rest of the business network if the device is compromised
The Situation: Remote Access Set Up the Wrong Way
To enable remote viewing, the previous installer configured port forwarding on the client’s router. Port forwarding isn’t automatically wrong—but it must be done carefully, with a clear understanding of what should (and should not) be exposed to the internet—and it should never be the first choice.
In this case, the configuration created multiple security issues at once:
- Incoming firewall ports were opened that should have remained outbound-only
These ports didn’t require port forwarding at all, but were left open to inbound traffic anyway. - RTSP port 554 was exposed to the internet
One of the open ports was 554 (RTSP)—commonly used for video streaming. Unfortunately, this also enabled unauthenticated streaming directly from the NVR. - Default credentials were still in place
Even worse, the installer left default usernames and passwords, allowing anyone who found the device to access the NVR’s web interface.
Put simply: the system wasn’t just accessible remotely—it was accessible to the public.
The Risk: What This Could Have Led To
When an NVR is exposed like this, the consequences can be serious:
- Unauthorized live viewing of cameras
- Access to recorded footage
- Device takeover and configuration changes
- Potential pivoting into the rest of the business network
- Compliance and liability exposure (depending on the business type)
And the most frustrating part? The client thought they were paying for “professional installation.”
What We Did: Secure Remote Access the Right Way
At Systems Integrations, we don’t treat surveillance as “just cameras.” We’re also a Managed IT solutions provider, so we approach security systems the same way we approach networks: reduce exposure, lock down access, and build it correctly from day one.
For this client, we:
- Removed unnecessary inbound firewall rules
- Eliminated risky port forwarding and closed exposed services
- Secured streaming and management access properly
- Reset default credentials and enforced strong authentication
- Segmented the NVR appropriately to reduce risk to the rest of the network
- Verified the NVR was no longer accessible from the public internet
- Confirmed remote access still worked—without putting the business at risk
The Takeaway: Anyone Can Install an NVR. Not Everyone Can Install It Securely.
Sure—anyone can hang cameras and plug in an NVR.
But if remote access is set up carelessly, you’re not getting “convenience.” You’re getting a vulnerability that can expose your business, your employees, and your operations.
If you’re shopping based on lowest cost, it’s worth asking a better question:
Is it installed securely—and is remote access done correctly?
Need a Second Opinion on Your Security System?
If you have an existing surveillance system and want to know whether it’s configured safely, Systems Integrations can help. We specialize in secure video surveillance and access control—and we bring an IT/security mindset to every install.
Don’t leave your business at risk. Get it done right.
Schedule a security review with Systems Integrations. We’ll check your NVR remote-access method, firewall rules, credentials, and network segmentation—and give you a clear plan to secure it.