I took OTS products that supported standard protocols, used open/free software to set up the storage and control, set up the firewall to allow ingress, and found a library that let me configure 2FA, among other things. I didn't build the cameras or write the software myself. I did do some editing of the code and I didn't hash out anything new. Rather than try to create my own authentication system or encryption (both are horrible ideas), I relied on stuff that's already out there. I also use a hardware firewall and control ingress and egress, as well as check logs to ensure that nothing I used was attempting to call home to a mother ship. I wrote it up on Slashdot, but that was years ago - and some changes have been made since. Hmmm.... Maybe I can write about it again sometime and update what's changed? It's really not that hard, so long as you're willing to read some documentation and have time to learn new things.