Sacramento, CA-based Rhombus Systems – a provider of smart security cameras – has raised $10 million in a Series A funding round led by Cota Capital.
Existing investors MSD Partners, Lemnos Labs, and Promus Ventures also participated, bringing the total funding to over $20 million. The funding will primarily be used in R&D and sales team expansion.
Rhombus cameras demonstrate the demarcation between physical and IT security is increasingly tenuous, if it ever really existed. Cameras are a case in point, where modern smart cameras are staple components in physical home protection. Those same cameras have been compromised at scale and incorporated into criminal botnets that have delivered crippling DOS attacks against corporations’ IT systems.
Rhombus cameras are not, however, the average home defense camera. They are cloud-based, centrally managed, AI-backed security systems designed to protect company facilities, school districts, healthcare providers, and city governments.
Founder and CEO, Garret Larsson, who had earlier founded Mojave Networks (now part of Sophos), told SecurityWeek that the lack of security in existing cameras was a motivating factor in developing Rhombus Systems.
“We encrypt everything stored on the camera, we encrypt everything in motion between the camera and our servers, and we encrypt everything on our servers,” he said. “We have rotating keys on the camera, so if anyone gets physical access to the camera it would be nearly impossible to break the encryption. And we do mutual authentication to prevent man-in-the-middle attacks between the camera and the Rhombus servers. There are no open ports to allow hackers to get in.”
CA Ventures is an existing customer, with 700 cameras deployed and 500 more on order. Mark Zikra, Senior VP of Technology and innovation, commented, “We can distribute cameras quickly, integrate with our broader tech stack, manage our security remotely, and receive alerts when things need our attention.”
Each camera contains a chip set that contains computer vision models. Basic detection and alerting comes from here. “You can set up basic alerts to detect human motion at the front door of the office after 8:00pm,” explained Larsson, “or more advanced, such as ‘alert me to an unrecognized face that came into the office’.”
Some data may be sent to the Rhombus servers for more detailed analysis leading to more complex alerting. If a camera is monitoring a hallway, the system can detect the difference between normal and evasive motion. The underlying technology is a convolutional neural network AI system, which is the same basic technology used by self-driving cars.
Facial recognition is a contentious issue, but Rhombus avoids problems by limiting the facial database to each customer’s own staff, held by the customer. The same principle applies to license plate recognition in the car park. Anything unexpected or unrecognized triggers an alert. “Everything is owned by the customer,” he said. ‘We don’t share anything – and its use is entirely optional.”
Privacy is claimed to be part of the company’s DNA. “We differ from the usual consumer cameras, where everything is streamed to the cloud,” said Larsson. The Rhombus cameras are small, distributed computers that store all the video on the camera. Each camera can store anything between 20 and 180 days of continuous video. The alert clips may be stored in local data centers – so EU data will remain within the EU. The same principle applies around the world to conform with local data protection regulations.
Related: Many Hikvision Cameras Exposed to Attacks Due to Critical Vulnerability
Related: Serious Vulnerabilities Found in Firmware Used by Many IP Camera Vendors
Related: Hackers Breach Cameras at Banks, Jails, Tesla and More
