Actu
Lancashire Constabulary Chooses 3ami MAS for Protective Monitoring of Force’s IT Systems
February 2010 by Marc Jacob
Lancashire Constabulary is using 3ami Monitoring and Audit System (MAS) to comply with new data security regulations from the Association of Chief Police Officers (ACPO). Coming into effect March 2010, the ACPO Information Systems Community Security Policy lists “protective monitoring” as a control UK police forces must score against to comply with the policy matrix. With a few minor exceptions, such as passwords and confidential reporting, 3ami MAS will monitor all data input on Lancashire Constabulary’s network of terminals, including mobile and portable terminals.
“We expect that the implementation of 3ami MAS will ultimately result in a cost-saving, not just in the typical productivity sense, but also in the preventive message it sends out to the users of force computer systems,” said Detective Superintendent Martyn Leveridge. “It will provide us with the ability to resolve allegations of systems misuse more quickly and with more certainty, and allow the public additional confidence that systems are in place to protect data.”
Mr Leveridge added that the transition to 3ami MAS was a well-timed decision, with the ACPO Information Systems Community Security Policy coming into effect in March.
“The security and leakage of information has been identified in a number of national police assessments as being the greatest threat to operational security and integrity,” said Mr Leveridge. “Recent HMIC reports have made recommendations that all internal police computer systems should be made capable of auditing and being audited themselves, in order to ensure the integrity and confidentiality of sensitive information. The 3ami MAS installation is the cornerstone for achieving this.”
Lancashire Constabulary’s primary use of 3ami MAS will be to aid the investigations of any corruption-related issues involving officers’ and police staff‘s use of force computer systems. Activities falling under the umbrella of “police corruption” include the following (among others): inappropriate disclosure of police information, interference with police evidence, breaches of information security, system infiltration/attack, and perverting the course of justice.
Tim Ellsmore, Managing Director of 3ami, said, “3ami MAS is an essential tool for enforcing the laws of a digital network. Police forces that do not monitor and audit activity on their network’s computers have no real way of knowing what officers and civilian staff are doing on their computers, let alone their portable terminals, which are becoming increasingly prevalent.”
3ami MAS will coordinate and corroborate Lancashire Constabulary’s existing auditing facilities into one comprehensive auditing framework. The software will be installed early in 2010, after a staff education programme.
“Before 3ami,” said Martyn Leveridge, “our existing force auditing capabilities were application-based. Therefore, any activity conducted other than via the user interface—such as database file transfers, printing, screen captures and copying onto external data devices — was not capable of being monitored. 3ami provides a single solution to these problems, binding together existing application-based auditing.”
