Blog
EMS Cybersecurity Insights & Resources
AllEMSMFAEms cybersecurityFire departmentPublic safetyVendor riskBAAEms securityEpcr securityHIPAAIncident responseAccess controlAmbulanceCADCad securityCertificate based authenticationEms complianceHipaa complianceMdmRansomwareRbacAccount takeoverBiometricsChain of custodyCloud securityComplianceCredential stuffingDe identificationEpcr audit logsEsoFire station securityFirstnetHipaa security ruleImagetrendKnox boxMobile device securityNcicOperational securityPassword managerPassword reusePersonnel screeningPre plan securityShared cadYubikeyZoll
Account Takeover Through Password Reuse: The Attack Chain
How a LinkedIn breach becomes an ePCR breach through password reuse, and why MFA, credential monitoring, and an agency-issued password manager break the chain.
MFAEms cybersecurityPassword reusePassword managerCredential stuffing
CJIS Compliance for Fire and EMS: The Shared CAD Problem
Fire and EMS agencies accessing NCIC data through shared CAD systems face CJIS audit failures on personnel screening, MFA, and data segregation.
MFACad securityNcicShared cadPersonnel screening
Pre-Plan Security: The PHI-Adjacent Data Most Fire Departments Leave Unlocked
Alarm codes, Knox box combinations, occupant medical conditions, and hazmat locations live in your pre-plan system with weaker access controls than your ePCR. Here is the fix.
Access controlMFARbacFire departmentKnox box
MFA for the Ambulance: Why Just Use a YubiKey Isnt the Answer
YubiKeys, SMS codes, and authenticator apps fail in the field. Here is a layered MFA approach designed for the back of an ambulance.
AmbulanceMFACertificate based authenticationYubikeyEMS