IP Series, EVVR and Minicam (Firmware version 8.5.0 and above) encoders are equipped with robust security features including Secure Boot and Full Disk Encryption to ensure the integrity and confidentiality of system operations.
The Secure Boot implementation removes all pre-installed BIOS certificates and installs Digital Barriers certificates. Digital Barriers holds the private keys for signing our code with these certificates securely stored following best practices. It is not possible to boot any other operating system on our devices and attempting to do so can render the device inoperable.
All devices (except IP470) use Full Disk Encryption for all OS, configuration and internal recording files. The encryption key for each device is randomized at manufacture time with no backdoors or recovery mechanisms to guarantee the strongest security. The key is stored on the device's TPM (hardware security module) and is tied to the BIOS installed on the device and the Secure Boot state. If either of these are modified then the device will not be able to boot and all files will become forever inaccessible.
We strongly advise that customers:
DO NOT attempt to access the BIOS
DO NOT attempt to update or alter the BIOS
DO NOT attempt to reset the BIOS including removing/replacing the BIOS battery
DO NOT attempt to boot other operating systems
The only recovery mechanism is a return to Digital Barriers for a reimage. All data will be lost.
If you have any concerns regarding device operation, please report these to the support team for assistance and resolution.