MCP Insights

Smartphone 9-1-1 applications need oversight

Looking at my smart phone, there seems to be an app for just about everything. There are apps that let you watch sporting events, movies and television shows on your device, while others provide turn-by-turn directions to your destination and tell you where the closest pharmacy is to your location. There are apps that let you receive a fake phone call when you want to extract yourself from an awkward situation, apps that enable you to locate your car when you’ve forgotten where you parked it, and apps that tell you when it’s the best time to run to the theater’s concession stand , so as not to miss the “good” part of a movie.

The rise of 9-1-1 smartphone apps

There even are apps that interconnect with 9-1-1 systems. Most are variations of the same theme:

• the user launches an app to contact 9-1-1 with the “touch of a button”
• information about the caller, including the location and pre-loaded medical history information, is transmitted with the call.
• users can even go as far as indicating the type of emergency—police, fire, medical or car crash—again at the touch of a button on some of the apps.

A few apps are focused on active shooter incidents. They enable authorized school and corporate security personnel to indicate that an active shooter incident is in progress, again with the touch of a button. The app indicates the location of the alert on a map, and while 9-1-1 is being contacted, they also alerts all federal, state and local law enforcement personnel in close proximity who have downloaded a companion responder app. According to the app developer, tens of thousands of  law enforcement personnel have downloaded their app to date.

Let’s walk before we run

The idea behind these apps is to make it faster and easier for citizens to contact 9-1-1 and to speed emergency response. It’s a great idea and the public safety community is always focused on improving outcomes for people in their time of need.

What’s not so good is that the app developers have been allowed to do their thing with little to no oversight.  Compile some code, upload it to an app store, and problem solved.  Or is it?

The Time is Now for Congress to Champion NG911

Late last year, Sen. Charles Schumer (D-N.Y.) expressed his concerns regarding the vulnerability of today’s 911 systems to cyberattacks. He specifically cited a Ben Gurion University research study that said it would be quite easy to infect mobile phones with a bot that would unleash a denial-of-service attack on the 911 system, possibly to the degree that service could be disrupted across an entire state or even a major portion of the nation.  

The former Federal Communications Commission (FCC) Chairman Tom Wheeler responded by stating that Next Generation 911 (NG911) systems represent a solution in this regard.

No communications system can be safeguarded completely against cyberattacks—the hackers always seem a half step ahead—and NG911 systems are no exception. However, they do offer the ability to dynamically reroute emergency calls to 911 centers in the next city, county or even the next state, which would mitigate the effect of any cyberattack that would bring local operations to a halt. This ability is lacking in today’s legacy 911 systems.  

Reaching a critical limit

The most compelling part of Wheeler’s response was that FCC is “close to the limit” of what it can do to make NG911 service a reality nationwide. He called on Congress to “create national enablers to accelerate the transition to NG911.”

The enablers already exist in the form of the NG911 NOW! Coalition, which consists of leading 911 industry organizations, including

• the Industry Council for Emergency Response Technologies (iCERT),
• the National Association of State 911 Administrators (NASNA), and
• the National Emergency Number Association (NENA)

These organizations work alongside the NG911 Institute and other organizations to move NG911 implementation forward.

The Coalition’s goal is that all 911 centers in all 56 states and territories will have NG911 systems in place, and will have retired all legacy 911 systems, by the end of 2020.

Money is needed to make this goal a reality. A lot of it. This is why Congress must play a critical enabling role. Congress must commit to funding nationwide NG911 implementation. It can be done as demonstrated years ago when it funded nationwide broadband data network deployment.

What public safety managers don't know that can hurt them

Today’s law enforcement, fire/rescue and emergency medical services (EMS) and 9-1-1 agencies have numerous communications systems and applications that play a critical role in supporting their critical mission of preserving lives and property. These systems and applications often are interconnected, but they always are interrelated.

Despite this interrelation, public safety managers often do not have a holistic perspective on how these systems interact. In some cases, they aren’t even aware of all of the systems and applications that are being leveraged by the agency.

This is problematic on several levels:

• Agencies often make changes to their communications systems, for example when vendors release a new software or firmware version. If the agency does not have holistic visibility into its systems and how they interconnect/interrelate, a change can have a detrimental effect on another system. In a worst-case scenario, a change could trigger a cascading series of events that leads to one or more system failures.
• It is difficult, if not impossible, for an agency to chart a course for the future—and secure the desired funding—when it does not have an intimate, up-to-date knowledge of its systems. Said another way, how does one determine what is needed—and then convince policymakers of the need—if one is unaware of what it has, or its current condition? This becomes even more complicated when an agency has multiple PSAPs.
• Moreover, when such depth of knowledge is lacking, it is exceedingly difficult for an agency to know what questions to ask of its vendors. The result is that systems often are over- or under-engineered. 
• As previously mentioned, today’s communications systems are often interconnected. The interconnection of systems creates multiple entry/access points that can be leveraged to launch intrusive attacks. Knowing where every entry/access point exists in every system is the first step toward cybersecurity—but it is a step that cannot be taken without a deep, up-to-date knowledge of system assets.

Read to learn more about steps you can take to stengthen your knowledge of your system assets.

Navigating the new ANSI Tower Standards: What you need to know

The Occupational Safety and Health Administration recorded 8 communications tower fatalities in 2015, 12 in 2014, and 13 the year before.[1] While decreasing, this is an unfortunate statistic considering the numerous industry standards available for adoption that exist to help prevent needless injuries, and even death, from occurring.