Omnilert Blog

6 Tips to Secure your Emergency Notification System Against Hackers

Scott Howard By Scott Howard

It’s a fact of life in 2019 that cyber threats are everywhere. We know that we need to set strong passwords on our email, encrypt connections to our banking, healthcare, wifi, and even lockdown our social media accounts.  


So, why should your emergency notification system (ENS) be any different?


A breach of your email or social media could be embarrassing.
A breach of your bank account could be inconvenient and very costly.
A breach of your emergency notification system could be even worse. It could reduce confidence in real alerts or even put your community in real-world danger by causing a panic.

What can you do to help ensure that a hacker doesn’t compromise your ENS?


Anything connected to the outside world can get hacked. The Internet isn’t the only threat. That is a fact of life in the modern world. If you can reach your ENS from the outside world by any means, a hacker can and probably will try to hack into it at some time. Some hackers are just curious, but many can and will do serious harm if they get in.


Unless you unplug everything, rendering all systems totally useless, you’ve got real risks to mitigate.


So, we know that “100% unhackable” is likely not realistic. With this in mind, let’s focus on making your ENS really hard to hack.


If you make hacking difficult, it’s not worth the effort. We call this “hardening” the system. Hardening is the key. The goal of your ENS security should be to make hacking no fun for the hacker.

 

6 tips to harden your emergency notification system:

 

1. Keep software up to date

 

Make sure any servers or software used for your emergency notification system is kept updated. If it’s on-site, your administrators should subscribe to email lists and announcements so that they’re ready to test and apply security patches when they come along.

If your ENS is a hosted “Software as a Service”, like Omnilert, make sure your vendor is keeping their systems updated.

An unpatched server is a hacker’s best friend.


2. Beware of outdated technology


The Internet isn’t the only threat when it comes to hacking. Lots of older physical systems, such as sirens, radio pagers, and overhead paging systems, were built before hacking was really an issue. Many older systems simply don’t or cannot keep up with the times and thus have gaping holes exposed through connections to public telephone networks or radio signals.

All physical systems connected to your ENS should be reviewed regularly for possible security holes and kept updated accordingly.

 

3. Your ENS is only as secure as your weakest password


Like any critical system, you should use good, strong passwords, especially for your powerful administrative logins.  Longer is better. Be sure to use a mix of letters, numbers, and symbols. Most emergency notification systems, like Omnilert, offer options to enforce strong passwords. Turn those features on.  

 

You should also consider a policy to require all passwords to be stored securely, never shared, and changed regularly.  You may also benefit from using one of the various "password manager" services available. 

 

4. Change your password often

 

Administrators should be encouraged to change their passwords on a set interval. Old passwords should not be "recycled". (Omnilert includes functions to enforce password changes accordingly.)

 

5. Use separate logins for "day-to-day" and "super" admin access

 

Most systems allow you to keep your main administrative and day-today accounts separate. 

 

If your day-to-day tasks don't need full access to your whole ENS, then set up a restricted account for daily use. Keep your "super" access secured with a very strong password and use it sparingly.  This way, if your day-to-day password gets compromised, the attacker can do less damage. 


6. Don't leave critical documents unsecured

 

You may have the best passwords and encryption on the planet, but if the main password is on a sticky note in the lobby, you're primed to get hacked. Always shred critical documents, such as outdated emergency response plans, password sheets, etc. before tossing them in the recycle bin. Hackers can and do love to "dumpster dive".  

 

I hope nobody out there ever gets hacked. Follow these tips and you should be less of a target for the would-be hackers and cyber attackers out there. As long as we live in an interconnected world, we all need to take precautions to keep the bad guys out of our critical systems.

 

To continue your knowledge of ENS tips and insights, download the Insight ENS Testing Best Practices.

 

Get the Insight


Active Shooter Emergency Preparedness Guide - During

No organization wants to think about the day that an emergency might happen at their facilities, especially an active shooter crisis, but it is something that each organization must prepare. Not only is mass emergency preparation a legal obligation, but most would argue that it is a moral one. You want to keep your people informed and out of harm’s way. If there’s an emergency, people expect to be notified and provided the guidance to remain safe. There are many alerts that we have grown accustomed to receiving such as weather alerts, Amber or Silver Alerts, or even local emergency alerts. So, if there’s an active shooter emergency in the vicinity, people expect to be alerted in a similar fashion.

Continue Reading

Emergency Communications & Notifications, Emergency Planning & Preparation, Automating Emergency Notifications

Juliet Hulse 

Triggering Severe Weather Safety Notifications Through Omnilert Scenarios

Severe weather can happen at any time. Depending on the season and your location, weather threats can range from thunderstorms and tornadic activity to hurricanes, Nor’easters, or even a wintry mix. Having emergency communication plans and an automated method of distributing said communications in place helps ensure you and the people you are responsible for are kept safe and informed during severe weather season - no matter which season.

Continue Reading

Emergency Communications & Notifications, Emergency Planning & Preparation

Andy Hausman 

Off-Campus Timely Warnings - An Explanation

Of all the requirements of the Jeanne Clery Act college and university communities most frequently associate it with the timely warning. As an original part of the 1990 law timely warnings have fundamentally changed how students and employees learn about campus crime in a way that is now firmly enshrined in their cultures as it is what they most frequently see.

Continue Reading

Emergency Communications & Notifications, Emergency Planning & Preparation, Automating Emergency Notifications

New Call-to-action

Yes! Send Me Vital Industry News & Updates