WebEOC Work Group
Tuesday, January 30, 2018
- MCHD – Shawn Henners
- Pasadena – Frank Bengochea
- Montgomery County – Cynthia Jamieson
- Houston – Jonathan Wiggins
- Brazoria County – Steve Rosa
- SETRAC – Trameka Jewett
- HCFMO – Norman Williamson
- Fort Bend County – Lach Mullen
- UoH – Chelsea McKeathen
- Board Status
- Mission Task Board – in progress. Will get dates of completion
- EMResource Interface – working on now. Should be installed by 2/1/2019
- STAR AAR update
- Working on setting a date with TDEM CID using survey monkey. Will send out calendar invite to those that attended AAR meeting and EMCs that signed the document.
- Event Board – working on style and process. Will have more at next meeting
- Updates to system
- User help – on the right side of the by incident name
- Enabled Recall of Last Position – WebEOC remembers the last position you logged in with, decreasing the time it takes to log in and return to where
you left off.
- Introduced Browser Reload Option – You can now use your browser’s reload button to refresh the page, which is an option that was not supported
- Added Automatic Refresh of Assigned Incidents and Positions – While logged in to WebEOC, the control panel is automatically refreshed anytime incidents or positions are assigned. If the assignment results in a change to your permissions, a message may appear that indicates you will need to log in again to begin using the solution with the new permissions.
- Enhanced System-wide Message Notifications – When a new system-wide message is posted, you are automatically alerted of the change in three ways: The Home tab turns blue, the system-message is updated, and a pop-up notification appears at the bottom right of the page you are viewing.
- Introduced Disabled Refresh New Data Message – If automatic refreshing of data is disabled for a board, a message now appears in the footer to let you know when data has been added to the view. You can click the Refresh link next to the message to manually refresh the data in the board.
- WebEOC Security
- Version 18.104.22.168 includes a crucial security enhancement – There was an XSS (Cross Site Scripting) exploit possible with View Parameters and one possible with the Maps admin manager.
- Some security best practices for Admins and Sentinels:
- Periodically review user accounts in your system to ensure that the accounts are valid and accessible to users that should have the system. (WebEOC Admin) will periodically audit users’ group permissions.
- Disable infrequently used accounts
- Review accounts
- Implement secure browser connections. It is critical that WebEOC is only accessed over a secure browser connection. TLS 1.1 or later is recommended to ensure sensitive data is encrypted before it is sent over the Internet from the user to the WebEOC server. Encrypting data before sending it means the data cannot be intercepted and inspected while in transit. TLS – Transport Layer Security are cryptographic protocols that provide communications security over a computer network. TLS protocol aims primarily to provide privacy and data integrity between two communicating computer applications. The connection is private (or secure) b/c symmetric cryptography is used to encrypt the data (Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext and decryption of ciphertext)
- City of Houston Purchasing – 5 year contract
- This will have pay Intermedix easier than currently have done in the past
- FY2018 grant
- Requesting Maps Add-on and ESRI extension
- Janette Walker boards working on:
- Harris County Battle Rhythm (color scheme), next is Metro board, MCHD’s new positions while still working on Event board
- Termaine Owens Training:
- Texas City, Galveston County, City of Houston. Get with Termaine for training dates for those that were added during Harvey and the ice storm
- Next Meeting – Event Board, February 28, 1:30, Location: TBD