Everbridge Statement on Impact of Russia Ukraine Conflict
Everbridge is monitoring the events in Eastern Europe to help clients assess the risk to their employees and assets, and to ensure the safety of Everbridge employees in the region. The large-scale and dangerous critical event in Ukraine and the surrounding countries is a stark reminder of Everbridge’s mission. Some of our clients have employees (some with families) and assets directly in the conflict zone and rely on their Everbridge service to continually assess the situation and communicate with their employees.
We are taking extraordinary precautions during these difficult times to ensure the high availability of your Everbridge service. To this end, we are carefully scrutinizing product updates to avoid service interruptions to your users at a time when seconds matter. We will strive to maintain our continuous uptime and remain vigilant against the ongoing cyber threat environment.
For those product updates deemed critically necessary, we will communicate those critical updates in advance of any infrastructure deployment, product release or software patch that could affect your users during this critical event. The events in Eastern Europe are continuously evolving, and we continue to proactively monitor the situation in the region.
For updates on our platform, customers are recommended to subscribe to service advisories in the Everbridge Support Center. We post all incidents that impact our platform, or components of our platform, to this portal. Subscribing to alerts will allow you to proactively receive this information whenever our Cloud Operations (CloudOps) engineering team issues an advisory. Service advisories are accessed through the Everbridge Manager Portal by navigating to the "?" in the top-right corner > HELP & SUPPORT > Everbridge Support Center > Advisories tab. For information on how to subscribe to service advisories, please see Knowledge Base Article 000007444 - How to Sign Up for Service Advisories to Be Notified of Updates, Changes And/or Issues Affecting Everbridge Suite.
Everbridge Monitoring the Status of the Conflict
The Everbridge Risk Intelligence Monitoring Center (RIMC) is continuously monitoring developments on the situation in Ukraine. They use open source and intelligence reports to assess the situation. This information is shared with our CloudOps, Product, SaaS Operations and Security teams to help predict any potential impact to our services.
Everbridge also shares this information as part of our Risk Intelligence and Critical Event Management offerings. A crucial component of this service is to release daily Situation Reports, a sample may be viewed here: (RIMC Situation Report). If you wish to subscribe to our Risk Intelligence, contact your Account Manager or Account Executive.
As of 1 January 2023, our SMS vendors have informed us that message deliveries to both Ukraine and Russia will be a best effort and cannot be guaranteed. We have explored other vendors to see if alternatives exist and unfortunately they do not.
As usual, clients should refer to our knowledge base article 000049478 - Everbridge Global SMS Codes located in the Everbridge Support Center for the most up to date information on SMS delivery issues, limitations, and anomalies. If any deliverability issues come to light as a result of the above items, then this is the first place where we will post to. NOTE: You must be logged into the support center to view this article.
Our CloudOps has reached out to our Telco vendors which we use for Ukraine asking them to be on high alert in case delivery issues arise and to inform us immediately if they find anything.
UPDATE: 15 March 2022 - Voice providers are indicating that due to the ongoing situation in Ukraine, voice calls to the area may be sporadic.
Due to the nature of email, it is impossible to know what country the owner of an email address lives in or access their email from. As a result, we are not able to provide any data on the deliverability of emails to recipients in Russia or Ukraine.
Platform Availability and Security
Everbridge relies on the DNS platform to empower clients to access our solution globally. We utilize DNS services from multiple providers in multiple geographic locations to ensure resiliency. We also maintain practices that prevent DDoS attacks from impacting our service delivery to any of our clients as per our security framework which is governed by NIST 800-53. We also guarantee the uptime and usability of our services at 99.99%. To date, Everbridge has not detected any DDoS activity related to the conflict, but continues to actively monitor the situation through our CloudOps.
Everbridge deploys a comprehensive zero-trust security framework that establishes security through multiple layers of defense, including deception technologies. The Cyber Defense and Operations Center continuously receives updated indicators of compromise (IOCs), including IOCs specific to the Russia / Ukraine situation, and configures alert and response capabilities to deal with them. The Cyber Defense and Operations Center monitors security events, logs and anomalies within our environment, and actively responds to and investigates any alerts. All access to our environment is strictly managed through encrypted authentication, and all data is secured in transit and at rest.
Everbridge has implemented an Information Security Vulnerability Management Framework to identify and manage vulnerabilities that may affect the confidentiality, integrity, and availability of Everbridge Information and Information Systems. Our vulnerability management policies are governed by NIST 800-53 controls and FedRAMP compliance and include the following key tenants: Defined roles, responsibilities and implementation processes for vulnerability management; the creation and maintenance of an asset inventory; process and security requirements for vulnerability monitoring, security patching timelines, vulnerability scanning, penetration testing, severity assessment, mitigation and remediation, and reporting and compliance.
Everbridge is regularly audited by an authorized 3rd party independent agency for several certifications. Everbridge is a SOC2, SOC3, FISMA, Safety Act, ISO 27001, ISO 27701, G-Cloud 9, and UK ICO certified organization and we have achieved FedRAMP “Authorized” status. Our security policies are governed by NIST 800-53 (http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf), Controls for Moderate Impact systems, and an overview of our security policies and attestations can be found here: https://www.everbridge.com/company/legal/. Our security attestations are reviewed and updated annually.