Breaking News for Citizens in King, Pierce and Snohomish Counties

Be in touch. Stay in touch.

The Regional Public Information Network is your one-stop resource for news alerts from more than 75 government, transportation, utility, health and emergency response agencies serving citizens in King, Pierce and Snohomish counties.
 
RPIN keeps the public informed about street and highway closures, weather, major transit disruptions, and provides updates on what agencies are doing to respond to emergencies and incidents. The public also can sign up to receive e-mail alerts and pager headlines from RPIN partners and get helpful tips to prepare for emergencies.

By Dan Yurman

 

For many nonprofits the need to secure the computer systems they use presents both a conceptual barrier as well as a technical one.  Groups think they may need an expensive specialist and often feel that "it can't happen to them."

 

Both of these assumptions are wrong.  Most steps that organizations need to take in order to protect their online assets do not require a lot of technical skill. What is needed is management attention, persistence, and attention to detail.  Here's a list of some of the more common sense moves even a small group can make that have good payoffs in terms of protecting digital assets. 

 

A lot of these actions can be taken relatively quickly and without special expertise.  This isn't a complete list, but there is a resource at the end with more tips.

 

Location – Do not put key organizational information, including personnel, financial, and client or member records, on the same computer system as the web site. 

 

Have a contractor host the website separately so that the public face of the organization on the Internet isn't a doorway to that organization’s internal operations.  Your website is the first thing that will be attacked, so make sure who ever hosts it has a verifiable track record of protecting their clients from efforts to upend your online presence. 

 

Check with your accountant about the firm's security measures since tax information will include things like social security numbers, payroll, checking accounts, investments, and health care benefits.

 

Passwords – Don't use proper names, place names, or birthday dates for passwords.  Use strong passwords that combine upper and lower case, numbers, and special characters. Do not allow staff to use the same password for all systems.  Do not store passwords online. 

 

Protection - Use a firewall and virus checker for all computers. Set them to automatically update and budget to renew subscriptions for security software.  You cannot allow it to get out of date.

 

Permission - Define who is authorized to access what data.  For instance, how many employees need access beyond email, calendar, and timecards in addition to personal productivity software like word processing and spreadsheets?  Keep a list of who has access to sensitive information such as payroll, taxes, personnel, and other information that needs to remain private. 

 

Many groups rely on volunteers to get work done.  Do you know which ones have access, or had access at one time, to your most important data?  Do they still need it?

 

When an employee leaves the organization, delete their passwords as part of the checkout process.  Immediately revoke all passwords for any employee who is fired for cause or for any employee or volunteer who quits as part of a dispute.

 

Backup – Hire a service to backup software and data on a daily basis and store it in encrypted form offsite.  This can be done over the Internet with a subscription service for desktops and laptops, and with a commercial service for larger systems like finance, personnel, membership, etc.

 

Travel - Do not allow sensitive electronic information to leave the premises on laptops or USB sticks.  Instead, use commercial VPN software to support telecommuting.  If employees use laptops on travel, buy a whole disk encryption software license to install it on all of them. 

 

WiFi – have two networks at your facility. The first is open, and insecure, for visitors. The second is secure and only for use by employees, contractors, consultants, etc.  Make sure the security features of the WiFi equipment are fully implemented and get help if you need it.  Do not use the public WiFi for the organization's business operations.

 

Public WiFi in coffee shops, airports, and hotels are not secure and should not be used to access important sites like online banking, credit cards, etc.  Hackers haunt these networks with sophisticated electronic "sniffing" tools to snatch online IDs and passwords for the purpose of identity theft.  This means your online time should be used cautiously in these places. 

 

If you are traveling alone, do not walk away from your laptop for even a few seconds as that's all it takes for a thief to grab it and disappear into the crowd.  When going through airport security, keep an eye on your laptop at all times. 

 

Phones – All cell phones need to have "lock" features and an "app" (application) that allows them to be tracked down if lost, and wiped remotely if stolen.  Most cell carriers offer a free backup service for contacts and there are plenty of "apps" to backup other data.

 

Social media – If your group has a Facebook page, do not wander away from managing it to play with links, even from "friends," that pique your curiosity but have nothing to do with the business of running the site.  Don't click on links in Twitter messages sent to you from people you do not know.  Educate your employees how to recognize online scams that seek to get someone to send them login information.

 

Get physical – Employ a reputable security firm to install intrusion, fire, and water alarms connected to a monitoring center.  Physical theft of computers is also a threat.  Water or fire damage can destroy your organizations ability to conduct business which is why you need backups.

 

Insurance – Cyber risks are not covered by standard liability, property, or casualty insurance. You can buy coverage that deals with privacy violations, business interruption, and other forms of cyber threats.  Make sure you are covered. 

 

For more information check the United States government Computer Emergency Readiness Team http://www.us-cert.gov/cas/tips/ for comprehensive guidance.

 

Dan Yurman is a consultant to energy industry firms for online information services. https://sites.google.com/site/djysrv/

SAFE Washington is pleased to announce our

“Safety & Security Training for the New Year 5772”.

 

 

Training Seminar is scheduled for Wednesday, September 7th 2011, from 9 a.m. – 11 a.m. at:

Temple De Hirsch Sinai, 1511 East Pike Street, Seattle.   

 

This is an opportunity you won’t want to miss!

 

Especially For:

 

Administrators, Security Staff, Lay Leaders, and others concerned with remaining current on security and safety in our Jewish Congregations, Organizations and Schools.

 

Highlights:

 

Washington State Fusion Center presentation:

A senior supervisory intelligence analyst from the Washington State Fusion Center will present a top down summary report on national, regional and local crime trends and suspicious activity reports.

 

Seattle Police Department presentation:
Detective Monty Moss of the Seattle Police Department will present “the 911 about 911”.

Topics include; How does 911 dispatch work, How to best make the call, What information should callers give to the dispatcher, and What information can dispatchers give to callers.

 

Bellevue Police Department, Joint Terrorism Task Force (JTTF) presentation:

Bellevue Police Department’s JTTF representative, Travess Forbush, will help attendees to understand how police departments and the FBI are working together to thwart terrorism efforts.

Setracon Security presentation:
Setracon Security Consultant, Nancy Slotnick will give tips and tricks for “General Facility Security and Protective Measures.”

Anti-Defamation League (ADL) presentation:
Hilary Bernstein, Director of the Anti-Defamation League in the Pacific NW, will explore the very real conundrum faced by schools and congregations – how to remain warm and welcoming, while simultaneously vigilant and security-focused.  She will alert you to important tips and easily accessible ADL resources that you can share with your staff, parents, and community members.

 

Temple De Hirsch Sinai presentation:

Larry Broder, Executive Director from Temple De Hirsch Sinai will present: “The Day-to-Day Challenges of Making a Welcoming Facility while Remaining Secure, - On the Ground Experiences.”

 

Resources Available:
FEMA Emergency preparedness brochures will be available for participants. The brochures provide emergency supply lists and planning tools for what you and your agency can do when disaster strikes.

Seattle Training Location:
Temple De Hirsch Sinai - Seattle Campus
1511 East Pike
Seattle, WA 98122

Please Note:  You must RSVP for this event; not only so we know how many to expect, but so you can be put on the building security’s “expected list”.

 

RSVP email to: andrewc@safewashington.com

Thank you for your time and attention; we look forward to seeing you at the training seminar.

 

 

SAFE Washington: A Mark Bloome Initiative

Eighth Annual National Preparedness Month in September: "A Time to Remember. A Time to Prepare," Encourages Americans to Take Simple Steps to Prepare for Emergencies

 

WASHINGTON - The Federal Emergency Management Agency's (FEMA) Ready Campaign, in partnership with Citizen Corps and the Ad Council, today announced the launch of new web tools that will make it easier for individuals and organizations throughout the nation to join the 2011 National Preparedness Month (NPM) coalition and pledge their support to help prepare their families, businesses and communities for emergencies of all kinds.

 

The eighth annual NPM will kickoff this September, using the slogan: "A Time to Remember. A Time to Prepare." The campaign seeks to transform awareness into action by encouraging all Americans to take the necessary steps to ensure that their homes, workplaces and communities are prepared for disasters and emergencies of all kinds.  

 

"As we move forward with planning for this year's events and activities, we also recognize that this September marks the ten year anniversary of the 9/11 terrorist attacks," said FEMA Administrator Craig Fugate. "By doing what we can to ensure that our communities, and our nation, are prepared to respond and recover from all types of disasters and hazards, we honor the memory of those who were lost that day."

 

Individuals and groups can now register to become NPM coalition members by visiting http://community.fema.gov. Once registered, members have access to a toolkit that includes suggestions for activities and events, templates, articles, banners and customizable materials. Coalition members also have access to an events calendar allowing them to post and promote preparedness events, share success stories, and participate in national and regional discussion forums to engage with fellow coalition members and FEMA representatives.

 

By hosting events, promoting volunteer programs and sharing emergency preparedness information, coalition members can help ensure that their communities are prepared for emergencies. Becoming a coalition member is easy and free, so register now to get started. Nearly 2,000 coalition members have already joined this year's campaign.

While NPM is held each September, FEMA's Ready Campaign promotes individual emergency preparedness at home, in the workplace, and throughout America's communities throughout the year. Ready is a national campaign, produced in partnership with The Ad Council, designed to educate and empower Americans to prepare for and respond to all types of emergencies, including natural disasters and potential terrorist attacks.

 

The Ready Campaign's websites (ready.gov and listo.gov) and toll-free numbers (1-800-BE-READY and 1-888-SE-LISTO) provide free emergency preparedness information and resources available in English and Spanish. Additionally, through FEMA's partnership with the Ad Council, public service announcements are available to increase the American public's involvement in preparedness.

New temporary law requiring the use of life jackets on King County rivers this summer

Posters about the new law are available on the Public Health website in seven languages.

Here is a link to download the posters: http://www.kingcounty.gov/healthservices/health/injury/water/riversafety.aspx

This year, river flows are especially high, fast and cold because of an unusually heavy amount of mountain snow melting into King County rivers.

Both youth and adults are Required to wear Personal Floatation Devices (PFDs), or life jackets, while boating, floating or swimming on rivers in unincorporated King County.

PFDs are not required for wade in the river up to five feet from the shoreline or for fishing.

If you have any questions, please contact Katie Ross at Public Health at 206-263-8781 or kathryn.ross@kingcounty.gov.

SAFE Washington/Jewish Federation, in partnership with Temple De Hirsch Sinai; are hosting a (No Cost) Red Cross CPR/First Aid Certification Course for participating SAFE Washington Agencies. 

The CPR/First Aid Certification course is open for up to 3 members of your Safety and Security Team to come and train with us.
Upon completion of the course testing, you will have a Red Cross CPR(Adult/Infant)+First Aid Certification that is good for 2 years.

SAFE Washington will be covering all the costs for this course.  Normally this course would cost $92/Person.

You Must RSVP with names and number of Team Members Attending (Up to 3 per Agency)
NO LATER THAN June 10th 2011 at 1PM PST.

NOTE: We do have Both a Minimum Number and a maximum number of people that can attend, so if you want to get your team trained and certified, you are better off getting your RSVP in earlier than later.
 

Training Day:   June 29th, 2011
Time:                8AM
Where:             Temple De Hirsch Sinai (Bellevue Campus)

Address:
Temple De Hirsch Sinai Bellevue
3850 156th Avenue SE
Bellevue, WA 98006
--


Please Send your RSVP to:  AndrewC@SAFEWashington.com as soon as possible. 
We will stop taking RSVP's either at our Max Capability or at June10th/1 PM, which ever comes first. 

Email is a great communication tool, and using it within limits is one of the most effective ways to send and receive information.  But never trust it 100%.

Spammers, Malware writers, Virus Writers, and Thieves in general have become really adept at utilizing email to scam even the most computer savvy business professionals in to giving up an email address, account number and password.

What we want to relay to you is this.  Do not EVER follow a link from an email sent to you. Not even from best Friends.

Read the information presented in the email. Look at the link and where it supposedly goes, and copy it down if you wish, but do not click on it.  Be observant, look at the URL, does the domain shown match the domain of the company it represents?

If you want to find out more from what the email is presenting, then, open a New, fresh web page from your favorite browser, and then in the address bar, Type in the URL of the site you want to visit. Either the exact URL you want, or browse and search for the page you are interested in viewing using the tools on that site. 

Don't Ever look at attachments from people you don't know. Don't trust your anti-virus to save you from this mistake. 

Your anti-virus is only good for viruses that are "known".  Consider this; Even if your AV is fully up to date; The viruses and malware that get the average online user are the ones that are freshly coded / are new enough that they haven't been documented.  If it's not documented, and you have opened it, then there is no telling what damage has, or could happen. 

It doesn't matter what Operating System you are using.  Everyone can be affected by this.

Spam Filters and edge filtration services are generally really good.  You probably get reports from your filters daily of thousands of email that has been rejected and/or quarantined due to virus/possible virus, or malware infection. 

Even then, some of the craftier stuff still gets through. Some Firewalls/UTM's catch some email that that the edge has missed.  Generally this type of dual layer approach stops 99.9% of malware/virus infection that Can get through the filters. 

However; even with overt attacks like malware and viruses handled by layered AV approaches like that mentioned above, the filters cannot stop an email going through that has been newly written to evade detection, and that has been crafted with custom graphics, and that leads you or your users to believe that a bank needs updated information.  If the user follows the links in those type of email, and the filters show that no new malware is being forced back through the connection, then then those users are freely able to enter in an account number, username, and password in to a thief's server. 

Is it really this bad?  YES. 

You may not know this yet, so we will state it here;

DO NOT EVER use the same password for all your online activities.  If an attacker compromises one of your accounts, something beyond your control, like attacking the server that houses such data, and they get your email address and password, then they will likely start visiting known banks, email services, online retailers, and other secure sites, and try using your username/email and password, with the knowledge that it is likely they will get in; because people like to keep things simple.

 

From Three of the FEMA Emergency Food and Shelter National Board Members

ACTION ALERT
THE EMERGENCY FOOD & SHELTER PROGRAM’S
FUNDING IS IN JEOPARDY
 
National Council of the Churches of Christ in the USA, The Jewish Federations of North America, and The Salvation Army seek your immediate assistance

 
March 7, 2011                                              

Contact: rob.goldberg@jewishfederations.org
                                                Link to this Action Alert at: http://www.jewishfederations.org/page.aspx?id=238429

 
Program Cuts: Looking to curb spending in FY2011 (October 1, 2010 – September 30, 2011), Congress, with the support of the Administration, has targeted the next EFSP Phase for a $100 million (50%) cut.  This cut could become law in a matter of weeks.  A cut this significant would severely curtail the strength and scope of the EFSP program, and impact community food and shelter programs across the country without impunity.  It will be an unprecedented loss to the program, in the midst of continued economic crises.
 
Action Required: We believe that nothing short of a major grassroots effort will curb the damaging cuts proposed for EFSP.  Please join us in our effort to turn back the cuts by contacting your respective Congressional delegations (House and Senate) ASAP, to educate them on the impact a cut this severe would have on your community’s EFSP recipient agencies and organizations.  Ask them to contact the respective House and Senate Homeland Security Appropriations subcommittees and urge them to limit the proposed EFSP cut to 25% of FY2010 spending (equal to a $50 million program cut).
 
Reasoning: In the current fiscal environment, many domestic programs, including EFSP, cannot avoid some level of funding cuts.  Effectuating a $50 million cut to the EFSP program, however unpalatable as it may be, would reduce EFSP spending to $150 million, the equivalent of the program’s FY2008 funding level. At $150 million, the allocation would align with overall spending reductions called for by the new House Republican majority and strengthened Senate minority to limit overall FY2011 spending to FY2008 levels.  It would also amount to $50 million more than the President proposed for EFSP in FY2011. (A strong response from the field, now, would also help us defend against further EFSP funding erosion in fiscal year 2012, which Congress will  start considering in earnest this month, as well.)  
 
To contact your Congressional delegation, you can either call the congressional switchboard at: 202-224-3121 or 202-225-3121 for operator assistance, or retrieve the direct contact information at THOMAS.LOC.Gov.
 

 
 
The Senate is planning to orchestrate “test votes” on the year-end CR as early as tomorrow.  The House-passed draft long-term CR, which would be voted on, calls for more then $60 billion in cuts below FY2010 levels, including only $100 million for EFSP. However, a Senate Democratic drafted to be offered as an alternative proposal to also be voted on would fund EFSP at $150 million (our goal) in a bill that calls for just $6.5 billion in cuts.  Both bills are expected to fail passage when the Senate votes on them, but the effort is intended to jump start the hard negotiations.  The current short term CR expires on March 18^th.
 

 
SEC. 1635. Notwithstanding section 1101, the level for ‘‘Department of Homeland Security, Federal Emergency Management Agency, Emergency Food and Shelter’’ shall be $150,000,000.
 
------------------------------------------------------------------------------

Last year Snohomish County alone received  $508,948 in Emergency Food and Shelter funding from FEMA.  These funds supported Emergency Shelter, Food and Eviction Prevention services through the following agencies:

Workplace Security Awareness

No-Cost Critical Infrastructure Workplace Security Training

 

 

The Department of Homeland Security announces the availability of IS-906, Workplace Security Awareness, a no-cost training course developed by the Office of Infrastructure Protection Sector-Specific Agency Executive Management Office.  

 

Access IS-906 on the Federal Emergency Management Agency Emergency Management Institute Web site:  http://training.fema.gov/EMIWeb/IS/IS906.asp .

 

The online training provides guidance to individuals and organizations on how to improve security in the workplace.  The course is self-paced and takes about an hour to complete. This comprehensive cross-sector training is appropriate for a broad audience regardless of knowledge and skill level.  The course promotes workplace security practices applicable across all 18 critical infrastructure sectors.   The training uses innovative multimedia scenarios and modules to illustrate potential security threats.  Threat scenarios include:

 

·         Access & Security Control

·         Criminal & Suspicious Activities

·         Workplace Violence

·         Cyber Threats

 

The course also features interactive knowledge reviews, employee tools, and additional resources. 

Upon completion of Workplace Security Awareness, employees will be able to:

·         Identify potential risks to workplace security

·         Describe measures for improving workplace security

·         Determine the actions to take in response to a security situation

A certificate is given to participants who complete the entire course. 

 

For more information about Office of Infrastructure Protection training courses, contact:  IP_Education@hq.dhs.gov

 

 

For more information on the DHS Office of Infrastructure Protection: www.dhs.gov/criticalinfrastructure.