In the first installments (Part 1, Part 2, and Part 3) of our Cloud and NG9-1-1 series we gave a primer on Cloud technology, deployment options and service models. This week we'll start to apply that knowledge to public safety and NG9-1-1 challenges.
Numerous services have already moved to a cloud model, whether financial transaction processing, Department of Defense assets, or even the emergency notification systems utilized by many agencies. NG9-1-1 is also designed around a cloud services, but are we really ready for our emergency communications infrastructure to be "in the cloud"? The timeline below illustrates the growth and pervasiveness of cloud based services in public safety.
In addition to a whole new set of capabilities enabled by use of cloud services, public safety also has the potential for realizing cost savings. By its nature, our communications capabilities are designed with "above average" capacity. Meaning, while we normally can't support the stress of a large scale disaster without some form of failure or at least drop in service levels, they are designed to continue at levels far above average call volumes. Cloud services provide a unique flexible capacity. Multiple agencies leveraging the same cloud infrastructure can afford a shared surge capacity far beyond what any single agency could realistically implement – sharing not just bandwidth, application processing power, and storage but also enabling pooling of human call taking resources.
"Reducing or eliminating many hardware and software expenses offers an attractive solution for cash-strapped local jurisdictions that don't have the budget for large capital purchases. Monthly operating expenses, such as cloud services, can offer an alternative to these daunting outlays of taxpayer dollars."
– George S. Rice, Jr., APCO International Executive Director, March 10, 2010
One concern that is often raised as agencies look at moving towards cloud services is the loss of control. Are we OK with our communications infrastructure components being outside of our physical control. Whether you realize it or not, many components already are. Phase II wireless data and even the delivery of the call itself rely on third party components that are not under direct control of the local agency. It is the business of these third parties to deliver these services in a secure and reliable manner, allowing public safety agencies to focus on the business of emergency response. Often these vendors have more resources available to ensure best-in-class technology and processes are utilized than do smaller agencies.
What are the unique requirements for public safety when evaluating cloud service options? What does it really mean to ensure that the ESINet "Cloud" has the necessary security mechanisms and QoS? How do we determine the qualifications for a trusted provider in the ESINet? The key evaluation requirements can be grouped into three categories: Security, Quality of service and Service level agreements, and Functionality/Performance.
While the security of cloud solutions is often superior to traditional solutions because providers are able to devote pooled resources to solving issues many public safety entities cannot afford, security of the solution remains of paramount importance to public safety agencies. Not only is the secure and continued operation of the 9-1-1 system a critical consideration, but so is the safety of the data within the system. As the 9-1-1 network becomes exposed to a greater number of functions made available the potential for exposing private information that is increased. The level of complexity in securing data becomes more complex as the data is distributed across a larger number of devices and vendors in a cloud model. The table below provides a high level check list of security considerations around cloud services.
For more details on threats and key security concerns identified by Cloud Security Alliance see: https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf.
Next week we'll look at Quality-of-Service and unique functional requirements of Cloud services. Read part 5 here.
you may also like
3 Questions Fluor Asked Before Integrating WebEOC with a Mass Notification System
April 18, 2018
"We needed to figure out a way to integrate our mass notification system and employ accountability into WebEOC so we could integrate with one platform."
Gary Simon, Senior...