With its Wood Street headquarters just steps from the financial heart of the City of London, and a beat covering the Square Mile, the City of London Police is hardly an average police force. Focused on white-collar crime such as fraud, and in combating terrorist attacks within the City, the City of London Police (established in 1829) is today the UK’s lead force in countering fraud.
The City of London Police is also involved in implementing the Home Office IMPACT program, designed to improve the ability of the UK police service to manage and share information between police forces to prevent crime and provide safer communities.
Best Practices
Defining best practice in this field has also required the City of London Police to develop a model IT governance policy in order to protect information within and from outside its own network. Over the last five years, the force has taken sweeping measures to protect its electronic borders and defend the integrity of its information. In addition to a comprehensive and rigorous IT security policy, all potential points for electronic data leakage have been systematically identified and secured.
As well as
safeguards against unauthorized electronic transmission of data, the City of has taken
steps to prevent “thumbsucking” – the unauthorized copying of data on to
portable storage devices. To achieve this it has locked down USB computer ports
on all computers – and not with superglue.
However, the
force also recognized that a complete system lockdown would be
counterproductive, as officers and administrative staff still need to
physically move data around during investigations and operations, and when
interchanging intelligence with other forces, such as the neighboring
Metropolitan Police.
In the field, police officers gathering
information from external sources – such as other police forces and court
services – use Stealth MXP devices for secure transportation of this
information to the three City of London
Police main police stations, where intelligence data
is consolidated.
Hard Drive Protection
The force also has hard drive based units – offering the same biometric authentication benefits but larger data storage capacities. These units are reserved for special operations, commented Gary Brailsford-Hart, including a now-completed “multi-agency anti-terrorism exercise.”
“The
deployment of Stealth MXP has given us an additional level of accessibility to
transfer data that we did not have before,” said Brailsford-Hart, who himself
uses a device for transporting all files relating to the City of ’s IT
security strategy. When I talked with Brailsford, CIO, head of information
management at the City of London
Police, he discussed benefits. “Non-repudiation of
information storage. High confidence in end-point security. Proportionate to
the perceived risk to the information. If biometric access is to succeed, the
workforce needs to be behind it. In the case of the biometric USB devices the
workforce understood the risks, accepted the higher level of security and has
embraced the technology as proportionate to safeguarding the information.”
In the future,
he sees automatic pass-through encryption on information transfer to removable
media while looking at a number of technical solutions. Also: integration of
smartcards with certificate role based access across enterprise to support full
national access to emerging police systems. Continued development of
“security-hub” for improvements to single point of access to all electronic
security information. And delivery of services beyond physical boundaries to
support officers and the citizen, a multi-layered security architecture design.
