Using emergency alerting systems to protect the U.S. critical infrastructure // by Simon Berman

alert will receive the information in a timely manner.

To ensure that only authorized personnel can launch alerts, systems must include access safeguards. An IT manager, for example, should only be able to manage and launch alerts related to cyber threats or IT issues, and a security manager should launch physical security alerts. The system’s security layer can serve as a safeguard by allowing only certain users with the proper account and password information to launch specific types of messages or to target only permitted individuals.

DoD has also developed a strategy for managing alert contact lists for its highly-mobile population, which is critical considering an alerting system is only as good as the accuracy of its emergency contacts database. In DoD, people are constantly changing roles in the organization and switching their cell phone numbers, e-mail addresses, and other pertinent contact information. An alerting systems needs to have the ability to connect to multiple enterprise user repositories such as HRMS systems, LDAP/Active Directory, and other organizational data resources, to retrieve and synchronize user contact information.

By having up-to-date contact information - such as office and home telephone numbers, mobile numbers, pager numbers, e-mail addresses as well as locations, groups, and organizational hierarchies - it can reach its personnel and their devices to relay safety information when it needs to because it will have the contact information readily available to ensure effective notification.

To maintain proximity to this sensitive information, to ensure the highest levels of security, and to assure the fastest time to disseminate emergency alerts, the deployment of emergency notification systems should be done on the IP network, behind the firewall. This supports the additional benefit of integrating with local telephony alerting and siren systems.

Learning from Others
Many organization which are part of the critical infrastructure do not have thousands of employees - in fact many only have hundreds - but reacting to crisis situations still requires the kind of rapid access to information provided by the network. The same type of network technology that benefits DoD can benefit a power plant, a train system, water filtration plant, or a port by communicating emergency information immediately to all affected personnel. Relying on the real-world experiences of one of the most security-conscious organizations in the world has its benefits.

We have the luxury of having a critical infrastructure that works. As the threats to America shift, so must our strategy toward protecting the underpinnings of our society. By cross-pollinating ideas between government and industry, we will be able to protect our critical infrastructure more successfully and bring a new level of security to some of our most important resources.

Simon Berman is vice president of products at AtHoc, a specialist in network-centric emergency notification systems