1. Keep the net running During any crisis keeping the lines of communications working is a key requirement. Almost every review of crisis and emergency response showed the importance of keeping communication systems working. (http://www.dtic.mil/ndia/2001wmd/scalingi.pdf) Unplugging things without reason seems to always make things worse. 2. Maintain the integrity of net data Implement procedures to assuring the integrity of the control data used in the net. This isn't the content of communications, but the routing and control data. This can be as simple as setting and synchronizing clocks used to generate timestamps, verifying IP address announcements, anti-spoofing filters, use routing passwords, patching known security holes. 3. Single point of contact A crisis is not the best time to learn that an ISP has decided to implement a voice mail system which won't allow any outside contact with their NOC until a 17 digit customer number is entered. All communciation providers need a reliable method to contact each other during a crisis. 4. Standardized law enforcement assistance forms Both law enforcement and ISPs need to work on specifying what the ISP needs from law enforcement and what law enforcement expects back from the ISP. There are a lot of language problems between the two groups, and often they don't understand what the other side is saying. It would also speed up the process of verifying the lawful authority for releasing the information if law enforcement knows ahead of time what ISPs expect. I understand we're not lawyers, that's why it needs to be decided ahead of time by the lawyers. But as engineers we can figure out what information is required to respond to specific, though generic, types of actions. It will also cut down on the mistakes which have happened.
participants (1)
-
Sean Donelan