Physical Security First
At an ICP, physical security is often non-existent — people come and go constantly, equipment is left unattended, and there's rarely time for formal access control. Mitigations:
- Full-disk encryption on all laptops (BitLocker or FileVault) — if a laptop walks, the data stays protected
- Screen locks set to activate after 2-3 minutes of inactivity
- Cable locks for equipment left in semi-permanent locations
- Asset tags and inventory — know what you have and where it is
Network Security at the ICP
ICP networks are typically built fast under pressure. Common security failures:
- Default router credentials — change them, every time, before connecting to the internet
- Flat network connecting operational, administrative, and personal devices
- Unencrypted WiFi or weak WPA2 passphrases
- No network logging or monitoring
Satellite and Cellular Connectivity Risks
Starlink and LTE connections at remote ICPs may traverse less-secure backhaul than expected. Always use a VPN for sensitive communications, even over seemingly private links.
We've assessed ICP communications setups where the "secure" network was one VLAN hop away from the public WiFi network — effectively unsegmented. Under the stress of an active incident, nobody had noticed.
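The failures listed under "Network Security at the ICP", and the segmentation gap described above, can be checked against a written-down network inventory. The following is an added example, not part of the original page; the inventory format, field names, role labels and the 16-character passphrase threshold are assumptions made for illustration.

```python
import ipaddress

MIN_PASSPHRASE_LEN = 16  # assumed policy threshold, not a figure from the page

def audit_icp_network(net):
    """Return finding strings for the common ICP network failures."""
    findings = []
    if not net["router"]["default_credentials_changed"]:
        findings.append("default-router-credentials")
    # Flat network: any subnet that carries devices of more than one role.
    roles_by_subnet = {}
    for dev in net["devices"]:
        subnet = ipaddress.ip_interface(dev["address"]).network
        roles_by_subnet.setdefault(subnet, set()).add(dev["role"])
    for subnet in sorted(roles_by_subnet):
        roles = roles_by_subnet[subnet]
        if len(roles) > 1:
            findings.append(f"flat-network:{subnet}:{'+'.join(sorted(roles))}")
    # Separate subnets do not help if the router still forwards between them.
    for src, dst in net["router"]["inter_vlan_allow"]:
        if src in ("personal", "public") and dst == "operational":
            findings.append(f"unsegmented:{src}->{dst}")
    for ap in net["wifi"]:
        if ap["security"] in ("open", "wep"):
            findings.append(f"unencrypted-wifi:{ap['ssid']}")
        elif ap["passphrase_length"] < MIN_PASSPHRASE_LEN:
            findings.append(f"weak-passphrase:{ap['ssid']}")
    if not net.get("syslog_target"):
        findings.append("no-logging")
    return findings

# Constructed sample inventory (all names and addresses are made up).
SAMPLE = {
    "router": {"default_credentials_changed": False,
               "inter_vlan_allow": [("public", "operational")]},
    "devices": [
        {"name": "ops-laptop-1", "role": "operational", "address": "10.20.0.11/24"},
        {"name": "finance-pc", "role": "administrative", "address": "10.20.0.40/24"},
        {"name": "crew-phone", "role": "personal", "address": "10.30.0.77/24"},
    ],
    "wifi": [
        {"ssid": "ICP-OPS", "security": "wpa2", "passphrase_length": 8},
        {"ssid": "ICP-GUEST", "security": "open", "passphrase_length": 0},
    ],
    "syslog_target": None,
}

if __name__ == "__main__":
    for finding in audit_icp_network(SAMPLE):
        print(finding)
```

The inventory records only whether credentials were changed and how long each passphrase is, so the audit file itself never holds a secret.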
ICP Communications Security
Richesin Engineering specializes in secure, reliable communications for wildland fire and emergency operations.