Police Claim Unlawful E911 Call Interception

This Avaya CONNECTED Blog
is also available as an MP3 Audio File on APN


iStock_000019227418XSmall-text2-911.jpgWe all know at a very early age in the United States, that dialing 9-1-1 will immediately connect us with someone in public safety. In fact we take it for granted that dialing 9-1-1 will actually connect us with 9-1-1. Unfortunately, this hasn’t been the case as reported by The Columbus Dispatch, and several other news agencies, the Delaware Ohio Police Department began an investigation in how local telecommunications company ICS Telecom of Ohio was handling emergency 9-1-1 calls.

Delaware Police Chief Bruce Pijanowski reported that workers at ICS Telecom of Ohio have been answering 9-1-1 calls, taking down the callers names and locations, and then calling in the information to police themselves. According to Pijanowski, this not only violates federal regulations but raises public safety concerns.

To further complicate the situation, ICS Telecom also provides “hosted” voice over IP services to businesses, in place of a PBX. In this case, they are the MLTS or PBX operator, and are therefore responsible for delivering access to 9-1-1 just like any other business would be.

A similar issue often comes up with commercial PBX operators who choose to locally terminate calls to 9-1-1 from telephones under their control. But what is the law? And how does it apply?

Depending on the “carrier status” of ICS Telecom, and the definition of the service that they were providing, they may or may not be considered “a carrier”. This is where the lawyers are going to establish what the playing field is, what the rules for that playing field are, and then finally decide if ICS violated any of those rules.

It’s entirely possible that ICS Telecom, is not required to provide any of those services, as there is no legislation covering MLTS PBX in Ohio . . . yet. This is why the Federal Communications Commission takes MLTS E911 functionality as well as carrier licensing seriously, and is why MLTS PBX legislation is critical in all 50 states, not just the 18 that make some mention of it. Not to mention the fact that only a handful of those 18 actually have any legislation that means anything, and even then only a single state actually has a penalty for noncompliance defined, and not even applicable for several more years.

Reportedly, test calls were placed after emergency workers questioned what was going on, and it was determined that 911 calls on the ICS network were in fact being answered inappropriately in what is being called a “third-party interceptor” in handling 9-1-1 calls.

The investigation is continuing, and no one has been charged with a crime at this point. ICS customers are being advised to call their local law enforcement agencies directly, and not dial 911 until the situation is resolved, and a special email address has been set up at ICS911Concerns@DelawareOhio.net, where any ICS customers who believe they had issues with 9-1-1 services are encouraged to speak up.

The story will continue to unfold over the next several weeks, and it was reported that search warrants were served on 4 locations and that police officials had carted off what was described as “a large amount of paper documents as well as hardware.”

Often, it is tempting for an enterprise customer to answer their own 9-1-1 calls, and with the proper procedures in place, may provide better service. This particular instance is clearly an example where things can go horribly wrong, and a company can be needlessly put in the middle of headlines. APN will continue to follow this story, and report back any findings to our listeners and readers.


Want more Technology, News and Information from Avaya? Be sure to check out the Avaya Podcast Network landing page at http://avaya.com/APN . There you will find additional Podcasts from Industry Events such as Avaya Evolutions and INTEROP, as well as other informative series by the APN Staff.

APN Blog Banner

Thanks for stopping by and reading the Avaya CONNECTED Blog on E9-1-1, I value your opinions, so please feel free to comment below or if you prefer, you can email me privately.

Public comments, suggestions, corrections and loose change is all graciously accepted 😉
Until next week. . . dial carefully.

Be sure to follow me on Twitter @Fletch911

Fletch_Sig.png 


CacheFly LogoAPN is Powered by Cachefly
CacheFly is the world’s fastest CDN, delivering rich-media content up to 10x faster than traditional delivery methods. With a proven track record and over a decade’s worth of CDN experience, companies around the world choose the CacheFly CDN for reliable and unbeatable performance. For more information, visit www.cachefly.com

Related Articles:

Get out of the Queue: Drive Your CX with Attribute Matching

At this point, nearly every company is working overtime to realign around two simple words: customer experience (CX). So much so that nearly 90% of companies now compete solely on CX—a drastic increase from 36 % in 2010—and 50 % of consumer product investments are expected to be redirected to CX innovations—like attribute matching—by the end of this year.

But what exactly does the CX consist of, especially in today’s new world of digital business innovation? This next-generation CX is supported by several advanced technologies—big data analytics, omnichannel, automation—however, these investments are all aimed at driving one thing: contextualization.

The rise of contextualized service—the ability for companies to not only gain insightful information about their customers but also deliver information in a way that is relevant and meaningful to customers based on individual circumstances to improve their experience—has evolved the CX to a point where it looks virtually nothing like it did as recently as 10 years ago. Whereas consumers once primarily focused on the act of purchasing, driven by such things as product quality and price, they now focus on the richness of brand relationships, driven by the personal value that companies deliver throughout the customer journey. Just consider that 70% of buying experiences are now based on how customers feel they are being treated. This is the key factor that sets apart market leaders like Amazon, Trader Joe’s, and Apple from the competition.

According to Accenture, there is an estimated $6 trillion in global revenue up for grabs due to dissatisfied customers constantly switching providers. The ability for companies to offer contextualized service is vital for operating at the speed of the consumer and capturing more of this market share. There’s just one thing preventing companies from seizing this limitless potential: the traditional call queue.

Every customer is familiar with the call queue. This is the place where statements like, “Your call is important to us. Please continue to hold,” and “Let me transfer you to a specialized team who can help you with that” perpetually live. It’s where exhaustive efforts to route customers to the correct service rep become lost, or where consumers must repeat the same information to multiple agents across different teams. It’s the greatest barrier preventing companies from being more dynamically connected to their consumers, and one of the greatest reasons why customers reduce their commitment to a brand.

Driving Contextualization with Attribute Matching

In a world where customers demand a profound level of connection and transparency, organizations can no longer support a contact center environment in which calls are distributed among agents who are organized by function (i.e., sales, service, support). In today’s smart, digital world, companies must transform the traditional call center into an integrated, digital communications hub. This means moving away from a siloed, metric-driven queue and instead working to put customers in touch with the best organizational resource depending on their exact need or circumstance as immediately as possible. The most effective way to achieve this is to migrate from archaic infrastructure towards an integrated, agile, next-generation platform built on open communications architecture.

Open communications architecture allows organizations to seamlessly collect, track and share contextual data across various teams, processes, and customer touch points. This integrated environment supports a real-time data repository from which businesses can pull from to route customers based on needs beyond traditional characteristics (like language preference). Rather, the technology allows companies to build customized learning algorithms that drive anticipatory engagement, enabling them to match customers based on next-level variables like personality, emotion and relatability.

Imagine, for example, a hotel routing a customer directly to an IT staffer after seeing that the person tweeted about a poor in-room Wi-Fi connection. Imagine a bank being able to route a customer to a money management expert after seeing that the last five questions asked via live chat were about account spending. Imagine an athletic apparel company matching a customer with an agent who is an avid runner after noticing that the individual recently signed up for a 5K.

The future of the CX means creating and continually building a contextualized view of customers throughout their entire brand journey. It means going beyond customer service to establish unparalleled, organization-wide relationships. It means transforming peoples’ lives, verses simply answering questions. This is what companies must work to align themselves with. The good news is that technology has evolved to a point where they can now easily, effectively and cost-efficiently do so.

Interested in learning more or getting beyond the queue to Redefine Your Customer and Employee Experiences? Contact us. We’d love to hear from you.

Reducing the Risks of Distributed Denial of Service Attacks

Picture what may just be one of the scariest scenarios in your career: The network has slowed to a crawl. You can barely hold a management interface, let alone control the network elements involved. The attack propagates, and as it does you watch your services drop one by one. Panic sets in. You’re experiencing a Denial of Service (DoS) attack. All resources are focused on stamping this fire out—and that may very well be the intention of the attackers.

A DoS attack might be a smokescreen to get you to focus elsewhere while the intruder goes about covert business in a much safer fashion, leaving little forensics afterward.

DoS attacks are an easy thing to comprehend. Even the term Distributed Denial of Service (DDoS) is an easy extension. But the strategy behind why they’re used and their intent can vary dramatically. A DoS attack can occur in an array of sophistication. Here’s a quick breakout from the simplest to most complex attacks:

  • Network Level attacks:

    The simplest ones—TCP, UDP, ICMP, Floods

  • Reflective/Amplified attacks:

    Service focused—DNS, NTP, SNMP, SSDP, Specific floods

  • Fragmentation:

    Session specific—overlaps, missing, too many

  • Application specific:

    Repetitive GET, slow READ or loop calls

  • Crafted:

    Stack and protocol level, buffer resources

These methods are often overlapped in a targeted fashion. In essence the attack is a series of waves that each hit in varying degrees of sophistication and focus. Other times the attack is relatively primitive and easy to isolate. The reason for this is that in the simplest levels, it’s an easy thing to do. As an example, a disgruntled student, upset over a new vending matching policy, could mount a DoS attack against his or her school administration. On the other end of the spectrum is a much darker orchestration, the sleight of the hand to get you to look elsewhere. This is typically the signature of an Advanced Persistent Threat (APT).

Unless an attack is very simple and short-lived, it needs to be distributed in the way it operates. It needs to be generated from various points of origin. This is referred to as a DDoS attack. The attacker needs to coordinate a series of end points to execute some particular event at the same point in time or perhaps, in more sophisticated examples, as phased against a time series. For a DDoS attack, the attacker requires a command and control (C2) capability. This means that they need to have access and response to the compromised systems. This is referred to as a Botnet.

Botnets do not have to be sophisticated to be successful. They only have to implement a simple set of instructions at the right point in time. Let’s take the recent reflective/amplified DDoS attack on Dynamic DNS services on the East coast of the U.S., which affected several large firms such as Amazon and Yahoo. The attack was mounted from residential video surveillance cameras. Even though there was no direct intrusion, the firms were impacted. Which leads us to two lessons.

Lesson number one: Security in IoT needs to be taken more seriously in the product design stages. Perhaps the concept and treatment of residential security systems needs to be rethought.

Lesson number two: As we move to outsourcing and cloud services we need to realize that we spread the reality of our exposed risk. Due diligence is required to assure that service providers and partners are doing their role in end-to-end security. But do you recall I mentioned that the source of the orchestrated attack was from the residential network? This brings about a new degree of challenges as we look at the new world of consumer IoT.

How do we maintain security in that sector? Clearly the residence itself should uphold best practices with a well-maintained and monitored gateway. But let’s face it, this is generally not going to happen. The monitoring of behaviors and abnormalities at the provider interface level is the next best catch and many providers are moving to reach this goal.

The other key point to remember about botnets is that in order to command, one has to control. This can happen in various ways. One is automatic. It infects and sits until a predefined time and then activates. This is the simplest. Another method requires true C2. Either way, bad code gets residence or existing code gets leveraged in negative ways. You should be able to pick out the anomalies.

Proper design with hyper-segmentation can greatly reduce the risk of propagation from the initial infection. The botnet is contained and should be readily identified, if you’re watching. Are you?

Continuous Learning: Propelling Forward in a Rapidly and Inevitably Changing World

Whether we realize it or not, advanced technologies like artificial intelligence (AI), augmented reality, and the Internet of Things (IoT) have transformed the way we think about the world around us. From how we protect our schools to the way we navigate our streets to how we shop for groceries, such technology now lies at the heart of practically everything we do today.

Just as these technologies have changed the way we live, they have changed the way we work. Today’s rapid pace of innovation has transformed nearly every business task, process, and workflow imaginable—so much so that industry analysts estimate that up to 45% of activities that employees are paid to perform can now be automated.

This digital disruption—or what many are calling the Fourth Industrial Revolution—without question redefines traditional roles and responsibilities. In fact, research shows that in five years, more than one third of skills that are considered important in today’s workforce will have changed. Even more, analysts estimate that 65% of children today will grow up to work in roles that don’t yet exist.

While we do still see employees that specialize in one skill or expertise, we’ve mostly moved away from the days of hiring an employee for just one job. As technology evolves, so too do the skills required to innovate and propel forward. Looking ahead, employees must have a propensity for continuous learning and adopting new skills to be able to recognize and respond to today’s speed of digital change.

Consider how technology has changed the marketing paradigm. As recently as 10 years ago, marketing platforms like Marketo and HubSpot had only just been founded, Facebook was still in its infancy, and the first iPhone had newly hit the market. As technologies like cloud, social, mobile and big data evolved, however, we suddenly began seeing new tools specifically designed to enhance digital media, social media marketing, and mobile marketing. As a result, companies began searching to fill roles for social media coordinators, digital campaign managers and integrated marketing planners—jobs that were unfathomable 15 to 20 years prior.

Fast forward to today and we’re seeing the emergence of new technology for marketing, such as augmented reality, geofencing, and emotion detection. The continual emergence of new technology perpetually creates skills gaps that must be filled by employees who are passionate, motivated, and invested in their own learning. These kinds of team members are committed to developing new skills and leveraging their strengths to outperform.

But not all employees can easily identify their strengths or develop new skills. This is likely why nearly half of employees today feel unengaged at work, with nearly 20% feeling “actively disengaged.” At the same time, companies are struggling to align employee strengths with organizational priorities. Employees may have certain strengths, but employers may find those skills don’t directly increase operational efficiency or performance. This is why nearly 80% of businesses are more worried about a talent shortage today than they were two years ago.

So, what’s the answer? Employees and employers must work together to identify what roles are currently filled, what skills are still needed, and who best exemplifies those skills. For employees, this means taking control of how they grow their careers and improving for the better. For employers, this means displaying an unwavering commitment to employee reinvestment by understanding key areas of interest to effectively fill skills gaps.

At Avaya, for example, we’re leading an employee enablement program under our Marketing 3.0 strategy. The initiative is designed to help strengthen our marketing organization by equipping employees with the right competencies that reflect our culture, strategy, expectations and market dynamics. By doing so, we can ensure we’re recruiting and managing talent in the most strategic way, putting the right people in the right jobs with the abilities to perform at maximum potential every day. By having each marketing function participate in a simple knowledge profile exercise, we can begin objectively determining development opportunities that best meet their needs and the needs of our business.

As technology continuously evolves, it’s crucial that employees have a propensity for continuous learning and that organizations foster an environment for this learning. In the words of former GE CEO Jack Welch, “An organization’s ability to learn, and translate that learning into action rapidly, is the ultimate competitive advantage.”

We live in a world that is rapidly and inevitably changing. Employees should embrace this change to thrive, and must if they wish to propel business forward. As employers, we are responsible for strategically leveraging our resources to align employee strengths with organizational needs to succeed in this environment of constant change.