Your session has expired.

Your authenticated session has expired due to inactivity. You can close this message and continue as a guest or log in again before proceeding.

FRESH IDEAS IN PUBLIC SAFETY


    Specified user is not valid
    Publish
     
      • You Dialed 9-1-1…Now What?

        Published Dec 09 2016, 9:29 PM by Josie Slaughter
        • NG9-1-1 Dispatch

         April is 9-1-1 Education Month. Throughout the month this blog series will highlight different aspects of the emergency response process, including what happens when you text or call 9-1-1, and will pay tribute to the men and women behind the phones. This April, take some time to learn something new about America’s emergency response system.

        It is estimated that on average, individuals in the U.S. and Canada will call for emergency support at least twice during their lifetime. Panic, helplessness and fear can be minimized or eliminated by knowing when to call and what to expect when you dial 9-1-1. On the other side of the phone there is a team of highly trained professionals working hard and following a finely tuned process to get you the help you need.

        It’s like a relay race.
        Members of the 9-1-1 team take turns performing various actions at rapid speed to finish the race and solve your emergency. As soon as you dial 9-1-1 the race is on: the 9-1-1 call taker is the first runner - the first, first responder. A dispatcher acts as the second-in-line when they pass information on, and the first responders bring it home by coming to your aid. When the relay shotgun goes off and a call is placed to 9-1-1, the call taker understands that people facing a crisis need help as fast as possible, so they focus on four immediate things:

        1.) Where is help needed?
        2.) What happened?
        3.) When did it occur?
        4.) Who is involved?

        After the call taker receives all that information, they then pass it on to the dispatcher. The dispatcher's main goal is to use a computer-aided dispatch (CAD) system to locate the closest resources to the emergency and send them out quickly. Depending on the emergency, 1 to 100 trained personnel are set into motion. While responders are on their way, dispatchers stay on the line and ask more questions. This is to gather information as a situation develops as well as to to help keep the caller calm and assured. The questions asked will not delay the race or arrival of emergency personnel, but is a strategic effort to make them faster and better prepared to help upon arrival.

        Once there, the dispatcher passes the baton to the first responders. They focus on assessing the situation and taking immediate steps to resolve the issue—whether it’s a medical emergency, crime in progress, fire, domestic issue, or a natural calamity.

        What happens when you call 9-1-1 from a cell phone?
        It was once better to call 9-1-1 from a landline because dispatchers could confirm a caller’s location, but now cell phones use enhanced 9-1-1 technology that relays accurate GPS data to the dispatch center, making it just as efficient. If a mobile phone is not equipped with GPS, cell towers can triangulate a caller's location. Although with this technology dispatchers can see where someone is, the first question that will always be asked is where the emergency is located to confirm that’s where help is needed.

        What happens if you dial 9-1-1 accidentally?
        It happens all the time. A cell phone “pocket dials” 9-1-1, the kids accidentally call, or for any number of reasons a phone connects to 9-1-1. If you do call 9-1-1 by mistake, don’t hang up. The dispatcher will immediately dispatch police because they don’t know why you hung up. You may be in trouble and they need to ensure there is not an event in progress that has caused you to hang up. Dispatchers take prank 9-1-1 calls and hang ups very seriously, and can assess serious fines if they believe someone is abusing 9-1-1. They are always there when help is needed.

        Call takers at 9-1-1 centers are dedicated to being on call 24 hours a day, 365 days a year. Although they hope you never heed help, they are there, ready at the starting line to get you the help you need.

        Learn more about the first, first responders.

        Josie Slaughter is the Global Marketing Manager, Public Safety Solutions for Motorola Solutions

      • Are Your Support Services Ready to Help You Meet the Challenges of Mission-Critical Network Performance?

        Published Dec 09 2016, 9:29 PM by Robert Buethe

         In emergency situations where first responders must make rapid decisions, the reliability of communications can make the difference between tragedy and safety. Behind the scenes, you're tasked with keeping these mission-critical networks at target performance levels. This responsibility comes with its own unique set of challenges:

        - The need for immediate response to and resolution of critical network issues

        - Increasing complexity as technology evolves with the surge of new applications and features

        - Ever-increasing cybersecurity risks

        Evaluating the current state of your mission-critical network support
        It takes active vigilance to ensure mission-critical operations deliver true mission-critical performance. If you haven’t reviewed your operational support plans for over a year, it’s time for re-assessment. Below are the questions to consider when evaluating the reliability of your networks and the services required for peak performance:

        Risk management: Do you need a predictable financial model to maintain your network operations? What are the implications of a network outage and the costs associated with it?

        Intelligent network monitoring: Do you have the tools to easily identify critical events and resolve them efficiently? Are you using the metrics from network monitoring to optimize and adjust for capacity variances on your system? Are you maintaining a knowledge database that aggregates intelligence efficiently to properly resolve and prevent outages?

        Security: Do you understand your risk posture? What measures do you have in place to protect, detect and respond to cyber intrusions?

        Expertise: Do you have a team versed in RF and IP to maintain your network that can also help you keep up with evolving technologies?

        Staying current: Are you keeping your core network hardware/software up-to-date? Do you have a plan in place to address obsolescence on your system?

         

        Ensuring the right support for mission-critical communications networks
        Motorola manages some of the largest critical communication systems worldwide and understands the intricacies required for successful operations. Based on decades of operational intelligence, our service delivery is now restructured into a continuum of expert service packages to help you achieve target performance outcomes based on your resource requirements and propensity to manage risk:

        If you already have a dedicated team but need added support and coverage 24x7, Essential Services help you maintain and restore your network. This includes recommended annual preventive maintenance to mitigate downtime.

        If you are experiencing any downtime and need ways to efficiently improve network continuity, Advanced Services provide remote incident management and proactive security patch updates pre-tested to ensure no impact to your operations. Our dedicated staff monitors network events to detect, troubleshoot and resolve network issues quickly and accurately. We can also help you devise the best possible network-upgrade strategy to realize the full value of your technology investments.

        If you are ready to outsource your network operations, Premier Services are tailored to address your goals and relieve you of financial and operational risks. Motorola’s expert managed services professionals are dedicated to your network operations to deliver guaranteed performance and assured outcomes 24x7x365, freeing your staff to focus on core tasks and objectives.

        All service packages include access to the MyView Portal, providing real-time visibility into critical system- and service-performance data on demand. Use the portal to generate reports and stay closely connected with our service-delivery team.

        As you assess the health of your network operations, let us help you discover the best service model to ensure the best operational performance. To learn more, visit motorolasolutions.com/services.

        Robert D. Buethe, MSSSI Vice President Americas Managed Services

      • Demystifying Intelligent Middleware

        Published Dec 09 2016, 9:29 PM by Rick Mostaert

        In 1991, the ASTRO system was born. With the anticipation of Project 25 (P25) - designed to create a user-driven, flexible, and open standard for radio communications - Motorola built ASTRO as a land mobile radio (LMR) platform to comply with the P25 standard. To celebrate ASTRO’s 25th year, this series will look at the past, present, and future of ASTRO 25 and answer the most pressing questions being asked by radio users today.

        P25 hardware is easily understood - it is a system’s machinery and physical infrastructure. Similarly, P25 software is simple to explain - the coded programs and other operating information used by the computers, like software for any other application. But intelligent middleware? That one continually stumps radio users and partners alike. Agencies need to understand what intelligent middleware is to fully realize just how much they need it. And to understand what intelligent middleware is, we need to understand where it came from.

        Where did intelligent middleware come from?
        Motorola originally introduced unified services for ASTRO 25 to provide a common source of information from which multiple applications could pull to get reliable, consistent data. For example, many applications might want to know the GPS location of a radio or if a specific radio was turned on and registered on the system. Rather than have multiple apps ping the radio for the same information, it would be more efficient for a service to ping the radio once and then disseminate the results to all applications needing that information. This reduces radio traffic, reduces battery consumption and provides consistent information across multiple applications.

        What is intelligent middleware?
        Simply put, intelligent middleware is the next generation of unified software that bridges across applications and networks to provide a suite of services that provide radio users with a consistent experience across devices, platforms and applications. Information such as talkgroups, location and presence is available to any application regardless of the network or device type. For example, you may have multiple mapping applications, one for CAD, one for command staff and another for the field. With intelligent middleware all your applications have access to the same data in order to plot the location for ASTRO 25 radios and LTE broadband devices. As another example, you may have multiple applications that need to know the definition of a group (mapping apps, messaging apps, workflow apps, report writing apps). Allowing each apps to create their own definitions of a group introduces tremendous overhead as you onboard and offboard staff and change assignments. These types of changes would need to be made in multiple places. Failure to do this accurately could result in people not getting the communications they need when they need it resulting in inefficiencies and potentially decreases in safety. Centralizing this ensures consistency across all applications.

        Why is intelligence middleware important for my agency?
        Increasingly agencies are adopting smartphone technology in order to be more efficient and keep officers safe. However, these devices shouldn’t be outside of the normal agency communication structures. Integration is key. The convergence of applications and services is a key step toward that convergence of P25 and broadband. How you are connected becomes less important because your workgroups follow with you as you move across different environments. Whether you are on a P25 or broadband network, your workgroups are always available to you to collaborate. With middleware, abstracting your applications from various network interfaces, third party developers do not need to develop unique applications or interfaces for each network simplifying integration.

        Intelligent Middleware is built into every new ASTRO 25 system shipping today which means you may already have the foundations of convergence today. To learn more about intelligent middleware, visit www.motorolasolutions.com/intelligentmiddleware

        Rick Mostaert is the Senior Director of Product Management for Intelligent Middleware and Mobile Apps at Motorola Solutions.

        Read more ASTRO 25 blogs below:
        Happy 25th Birthday ASTRO!
        ISSI or Multizone? Which P25 Interoperability Solution is Best for your Agency?

      • 7 Steps For Developing A Robust and Resilient Security Architecture

        Published Dec 09 2016, 9:29 PM by Tom Mihm

        TM_Blog_Graphic_0316_pev1_800x800px.jpg

        As cybercrimes continue to increase both in volume and velocity your agency needs to be assured that the infrastructure and products you use have security built in. Whether it's a radio, dispatch console or infrastructure component; designing a secure architecture, from the ground up, is paramount to ensure that your mission critical voice and data is safeguarded. In my 30+ years of designing secure communication systems and products I have found that there are seven steps, that if diligently followed will result in a robust and resilient security architecture:

        1. Understand the threats
        A threat is a force, organization (terrorist group, foreign government, crime organizations, or hacktivists) or person (hackers and insiders within your agency) that seeks to exploit a vulnerability in order to obtain, compromise, or destroy an information asset. When trying to understand the threats that you and your organization face you first need to think about the motivation behind the threats. Motivation is about asset value and means. An attacker is far more motivated to try to obtain a public safety agency administrator’s password that could give him access to a local police department’s database of confidential information than stealing the password to a single police officer’s database login. However, if stealing the password of a police officer is easier for an attacker to do, the threat to the officer’s password may be greater in spite of its lower asset value. Understanding the threats means you need to identify all of the data assets handled by the system, the value of those assets, who would be motivated to steal or disable those assets and most importantly understand why. Then you need to examine and note the various ways an attacker could gain access to those assets.

        2. Understand the vulnerabilities
        A vulnerability is a weakness in a product or system that can be exploited by threats to gain unauthorized access to an information asset. Vulnerabilities are the “weak links” that allow defenses to be circumvented; giving an attacker access to your mission critical voice and data communications. You only need to monitor the Common Vulnerability and Exposure list to realize just how vulnerable your devices and systems are. Many organizations will rely on "patching" cycles to mitigate some of the most common vulnerabilities but as studies continue to show that the speed and agility of hackers which can out maneuver such techniques in the form of zero day attacks. 2014 had an all-time high of 24 discovered zero-day vulnerabilities. Most notably the “Heartbleed”, where attackers moved in to exploit vulnerabilities much faster than vendors could create and roll out patches. The key to effectively mitigating vulnerabilities is to first understand what causes them and next to create a focused, layered defenses that limits the damage if a vulnerability is exploited. Often vulnerabilities are the result of design flaws, making patching cycles necessary. However many times they are the result of the misuse of a legitimate features. It is also important to understand dependencies and interactions between the vulnerabilities. I have found a layered defense or a defense in depth is quite effective at blocking or limiting damage from exploited vulnerabilities. For example, SE for Android is very effective at enforcing mandatory access control on device resources as long as the linux kernel underlying the Android OS is not compromised. This means you may need an additional security layer that protects the kernel depending on your anticipated threat profile.

        3. Understand your constraints
        Operational constraints are all too often overlooked or ignored by security architects who would rather invent an interesting solution than address the real problem at hand. According to a Clarus Research Group survey, “35 percent of respondents said budget constraints were the biggest threat to their IT infrastructure, 17 percent said that cyber attacks were the biggest threat, and 22 percent of respondents volunteered that all options offered on the survey from budget constraints, cyberattacks, limited bandwidth, technology limitations, and legal requirements are collectively considered the greatest threat to organizations. These constraints will inevitably get in the way of a “clean” solution. Nonetheless, these messy things define your space that your secure solution must fit into. Theoretical security is fine for the classroom. Applied security is what you need in the field.

        4. Understand the value of what could be at risk
        The first three steps result in a “context” for the data assets. In this fourth step you need to assign a “value” to each data asset by examining, in context, the consequences if the asset is stolen, modified or deleted. The greater the consequence, the higher the asset value. You then combine the asset values with their associated threats, vulnerabilities and constraints to produce a set of relative risk values. The greater the risk the greater the need for protection. This final risk model should then drive your security architecture toward a solution that is both balanced and effective.

        5. Always question your assumptions
        The step most often neglected in any development process is the one where all underlying assumptions are identified and validated. The effectiveness of any solution, especially a security solution, is directly dependent on the validity of the underlying assumptions. You must explicitly identify, examine, validate or correct all of your underlying assumptions about threats, vulnerabilities, risks and constraints if you want to eliminate oversight mistakes, identify any holes in the underlying logical architecture and establish a precise value to any residual risk.

        6. Use what works
        I am a strong believer in using design patterns. A design pattern is a “standard” or commonly used solution that works for a recurring or common design problem. Design patterns are used in many different fields of engineering, architecture and the trades. A simple example of a security design pattern is a shared secret used to enable symmetric encryption or authentication. Security design patterns should be used as often as possible in any solution simply because they work. Even the National Security Agency has endorsed security design patterns over proprietary solutions with their recent switch to standardize security algorithms and protocols to protect classified information. Bottom line; use as many security design patterns in your solution as you can because you know they work.

        7. Do all the steps all the time
        Many years ago in my junior engineering days a wise senior engineer by the name of Pete Lehey shared with me what he called “Lehey’s First Law of Systems Engineering” – it was: “You do all the steps all the time.” Another way to state Lehey’s First Law is – When developing a world class security solution there are no short cuts. You will always have the pressure and temptation to skip a step or shortcut the process in the interest of time, money or both. I have found without exception that you don’t skip steps, you only change their order. Sooner or later every step needs to be performed – it’s only a question of how much more it will cost to perform the step later than sooner.

        To learn more about Motorola product security, visit www.motorolasolutions.com/astro or watch a video on ASTRO 25 security here.

        Tom Mihm, CISSP is the Chief Security Architect for Secure Products Group at Motorola Solutions