Cybersecurity at VDS.
Security is not a feature — it's the foundation. From hardware sourcing to cloud infrastructure, every layer is designed to protect your data and your sites.
Six pillars of security.
NDAA Compliance
All VDS hardware is NDAA Section 889 compliant with zero banned components. Every camera, networking device, and storage module is sourced from approved manufacturers.
NDAA details →Data Encryption
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Video streams, API traffic, and control plane communications are protected end to end.
SOC 2 Compliance
VDS maintains security controls aligned with SOC 2 Type II standards covering security, availability, and confidentiality. Audit reports are available to customers and prospects under NDA.
Network Security
Segmented network architecture with defense-in-depth. Firewalls, intrusion detection systems, and continuous network monitoring protect all VDS infrastructure and customer data.
Access Control & Authentication
Role-based access control (RBAC) across all systems. Multi-factor authentication required for all administrative access. Full audit logging with tamper-evident records.
Vulnerability Management
Continuous vulnerability scanning and regular penetration testing by qualified third parties. Responsible disclosure policy and structured patch management process.
Beyond the perimeter.
Incident Response
Documented incident response plan with defined roles, escalation procedures, and communication protocols. Regular tabletop exercises ensure readiness.
Employee Security Training
All VDS employees complete security awareness training upon hire and annually thereafter. Engineering staff receive additional secure development training.
Supply Chain Security
100% US-designed and assembled hardware from our Pikesville, MD facility. Component sourcing limited to trusted, NDAA-compliant suppliers with documented chain of custody.
US-only infrastructure.
All customer video and platform data resides on US-based AWS infrastructure. VDS does not transfer, process, or store customer data outside the United States. AWS GovCloud-eligible architecture is available for federal and regulated customers.
Report a Security Concern
To report a vulnerability or security concern, contact our security team directly. We follow responsible disclosure practices.
security@visiondetectionsystems.com →Need security documentation?
Request our security whitepaper, SOC 2 report, or NDAA compliance letter for your procurement team.