Alert notifications – a powerful tool but how to do it right?

Authors

  • Merete Ask Gjøvik University College
  • Martin Onstad Telenor Norway AS
  • Jose J. Gonzalez Gjøvik University College

Abstract

A steadily increasing number of different organizations utilize alert notifications to inform stakeholders in different situations and have developed their own solutions for the purpose. This being said, alert notifications are only vaguely covered in traditional, generic and holistic literatures, “best practices” and standards. There is little general information specifically related to how, what, when and why one would choose to alert notify. “Made as one goes”, based on “organizational subjective” experience, current, mature alert notification solutions have to be deemed the current “state of the art”. This occurs with little or no solid anchorage in standards or “best practices”, challenged to keep up with rapid technological development, increased expectations to keep a growing set of (claimed) stakeholders informed while maintaining the desired level of alert notification quality.


The current general societal expectation about telecom and data services is that they should be resilient, stable and available for use, at all times, everywhere. No matter how resilient, robust and secure these services are designed to be, though, they require maintenance and incidents do happen. Stakeholders expect to be kept proactively informed about maintenance activities that may impact their quality of service. When incidents happen, service providers are expected to handle them efficiently, professionally, in a predictable manner and keep relevant stakeholders informed.

This article presents a 2014 master thesis that assembled alert notification relevant information from different literatures and combined these with Telenor knowledge and experience gained as a mature utilizer of alert notifications. This was used to provide a generic, but alert notification specific set of recommendations. A set defined as guidelines intended for any arbitrary organization considering establishment and continuous improvement of well-structured, secure and efficient alert notifications.

Published

2014-11-17

Issue

Section

Norsk Informasjonssikkerhetskonferanse 2014