Martin Courtney, Computing, Tuesday 9 February 2010 at 17:11:00

Lancashire Constabulary to monitor data input of 7,000 staff in bid to prevent intelligence leaks

The Lancashire Constabulary is to deploy auditing software that will monitor and record all of the data input by its employees in a bid to prevent information being leaked from its intelligence database.

The Constabulary will trial 3ami’s monitoring and audit (MAS) software client on a limited number of fixed and mobile terminals attached to its network, before rolling out the system to all of its 7,000 staff in time for the introduction of new data security regulations in March this year.

“It is not an endemic problem but we are concerned with information leakage and people looking at our intelligence systems and disclosing that information outside the organisation,” said Detective Superintendent Martyn Leveridge, the operations manager for the Lancashire Constabulary’s professional standards department.

Statistics recently released by police show that over 400 police officers and civilian staff were disciplined for misusing computers at work in the last five years, including 53 in the South Yorkshire police force alone.

“If criminals say they have a mole in our organisation, this system will be able to quickly get to the nub of that, and find out which terminal and which user is accessing what information. When that occurs, those people can face misconduct in public office charges, which does happen,” said Leveridge.

New data security regulations from the association of chief police officers (ACPO) insist all UK police forces will be assessed for ‘protective monitoring’, in order to ensure the integrity and confidentiality of sensitive information, following recent recommendations by HM Inspectorate of Constabulary (HMIC).

“The sole purpose is to counter corruption on a national basis; disclosure of information, inappropriate association with criminals and misuse of force systems,” said Leveridge.

A report published by security software vendor CA last week [3/2/10] agrees that employees tempted to misuse company data for personal gain are often the biggest threat to data security, particularly during a recession.

“With a predicted increase in threats coming from inside an organisation, companies will need to look for new ways to improve the way they control and protect data – while still allowing flexibility for employees to do their job,” stated Joseph Souren, vice president EMEA for CA’s internet security business unit.

Leveridge is keen to stress that the MAS system is not intended to find that ‘rare, inappropriate’ email that might go between people within an organisation, only to keep track of who is accessing what information to help resolve allegations of systems misuse.

As part of a wider security initiative, the Lancashire Constabulary is also set to introduce chip and pin devices to be used alongside police officer’s warrant cards for identity access management (IAM).

With pre-configured exceptions for passwords and confidential information, the 3ami MAS software client records every user keystroke, applications opened, websites visited and individual files accessed. It will also detect and store details of any removable disk drive plugged into a local terminal and details of files copied on or off those drives.

While it is not designed to prevent data being copied, or malware being introduced to police systems, 3ami MAS will at least help forces track where breaches occur or problems are introduced. Audit trails will be retained for six years in compliance with the 1996 data protection act and standard police information management practices.

“They are of course limited to some extent by space on the server, but with this number of users we estimate six years to be our routine weeding data,” said Tim Ellsmore, 3ami MD and founder, who has implemented MAS at other, undisclosed police forces around the UK and abroad. “Of course, if they need to keep any data for investigations or prosecutions, that will be retained.”

The software is Windows and Windows Mobile compatible, meaning its usage can be extended to mobile devices, with a Blackberry compatible version in the offing.

“Computers may go outside the organisation, but as soon as they are connected back onto the [force's] network, MAS is updated,” said Ellsmore.

Leveridge expects the new software to pay for itself over time, because MAS makes it quicker for investigative officers to interrogate the system and process their findings.

“Some of these investigations can be quite time consuming and getting to the exact detail and source of the intelligence to make sure it is accurate and we can use it [for prosecution purposes] can be difficult,” he said.

Full published article at: http://feeds.computing.co.uk/c/554/f/10983/s/9099aea/l/0L0Scomputing0O0Ccomputing0Canalysis0C22575960Cpolice0Efind0Emoles0Esecurity/story01.htm

This entry was posted on Tuesday, February 9th, 2010 at 5:00 pm and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.