Hendon Publishing - Article Archive Details
This Pocket(Cop) Protector is not for nerds
Baltimore, Md., Police Commissioner Frederick Bealefeld III likes the “very cool high-tech” security aspect of the information protection device his officers now use. There’s nothing nerdy about this pocket protector. And by “pocket” we mean the BlackBerry-equipped solution his officers carry on duty, known as the PocketCop. And by protector we are referring to what protects the sensitive information on the PocketCop—a gizmo called the eToken™.
“Our strategy,” the commish dished, “is to get cops out of cars and closer to the community we serve. The eToken device is part of that strategy. It works by generating a password that can be accessed on the BlackBerry®. Officers simply carry the eToken in their pocket.” The device gives officers protection and lets them securely access info on their PocketCop—info such as motor vehicle data, warrant information and more. “Part of our success is engaging the community of Baltimore. The eToken helps us to achieve that success.”
The eToken is made by SafeNet®, and it’s part of the security system of the same name. With more than 25 years experience, SafeNet is a leader in information technology, protecting identities, transactions, data, communications and software licensing. SafeNet is based in Belcamp, Md., and maintains 1,550 employees—including more than 550 security engineers.
Chen Arbel, director of business development authentication for SafeNet, gave this overview of how it all works: “SafeNet specifically protects identities while enabling secure access to network, corporate and Web-based applications through its multi-factor authentication solutions. Authentication ensures that a user is who they claim to be. The more factors used to determine a person’s identity, the greater the trust of authenticity.”
Strong authentication is what we are talking about here—not just your average jumbled-words-in-a box authentication. It can be achieved using a combination of something you know (password or PIN) and something you have (token or smart card). Multi-factor authentication is widely recognized as the most secure method for authenticating access to networks, data and applications.
Arbel explained that SafeNet developed one of the industry’s most innovative and broad portfolios of authentication solutions that include certificate-based (PKI), one-time password (OTP), hybrid, software/mobile and out-of-band (OOB) authenticators. “Our multi-factor authentication solutions,” he said, “allow law enforcement and government agencies to conduct business securely and efficiently, open new market opportunities with secure data access, and protect identities across the entire business landscape. By implementing SafeNet’s multi-factor authentication solutions, companies can significantly reduce the risk of fraud and data theft, and ensure compliance with industry as well as government regulations and standards.”
The full line of SafeNet authentication solutions is managed with a single, robust token management system, as Arbel indicated. The Token Management System (TMS) enables full life-cycle management of the authentication solution including deployment, provisioning and ongoing maintenance. TMS supports all eToken devices and a wide variety of security applications including network log-on, VPN, Web access, one-time password authentication, secure e-mail, data encryption, enterprise single sign-on and more.
“The TMS provides a solution that links users, devices, organizational rules, and security applications in a single automated and fully configurable system,” he said, “making the implementation of strong authentication-based security solutions easily manageable. TMS manages the token inventory and the entire token life cycle from enrollment to revocation, including lost and damaged tokens.”
How it Works
Law enforcement officers carry the token with them, which is the size of a thumb drive, and simply plug it into the USB port of their laptop or desktop and enter their eToken password to securely log on to their network applications, such as e-mail and criminal databases, using FIPS approved cryptography. Digital credentials are securely stored on the device, eliminating the need to manage multiple usernames and passwords for accessing different applications.
Utilizing this two-factor authentication solution, according to Arbel, officers have instant and secure access to their systems from anywhere while law enforcement agencies improve their data security and reduce costs and vulnerabilities through superior password management. “eToken PRO supports all eToken PKI and password management applications, as well as software development tools, for seamless integration with third-party applications,” he indicated. “In addition, eToken PRO can be customized to include RFID, enabling combined physical/logical access in a single device. Law enforcement officers can use this same token to enter secure buildings or areas, such as secure entrances to courthouses and police stations.”
Tracking token usage is possible through auditing and reporting. TMS is built on an open architecture providing management-level integration with a range of security applications through configurable connectors. It is integrated with Microsoft® Active Directory, MS SQL Server and OpenLDAP, so tokens are managed together according to the needs of the organization’s security policies, in a familiar environment. The TMS works from any computer with remote user administration tools. The system enables the customer to provide 24/7 support for users who lost or damaged their eToken devices, don’t have their tokens while on the road, or forgot their eToken password, with Web-based user self-service tools.
Do users have to set up and install the system or is this technology ready to go out-of-the-box? Arbel said one of the advantages of the authentication portfolio is that “We offer customers a breadth of flexible solutions that can be tailored to specific security requirements and user access needs. Many of our solutions are ready out-of-the-box and can be deployed right away with little to no setup required.
“What we have learned in deploying strong authentication solutions for dozens of law enforcement agencies around the world is that each has specific security policies and/or compliance mandates that they need to address, such as CPIC in Canada or CJIS in the United States, in deploying secure remote access solutions.,” Arbel Stated.
Because these solutions have been developed based on industry standards, they are easy to integrate into the agencies’ existing network infrastructures, ensuring seamless installation and deployment to end users. Data security and ease of use have brought a comfort level and a trust to handheld devices police rely on today. Nerdiness has been replaced by worthiness, and the beneficiaries are the police on the streets and the citizens they serve and protect.
Secure access to any type of national or international database such as LEEDS or CPIC, which a law enforcement agency might require, is available. For example, in the United States, officers can securely access the FBI criminal database, housing and arrest records, and other databases located at police headquarters. They can do this from the laptops in their police cars or even on their mobile devices.
This eliminates the need for officers out in the field to radio back to dispatch with an information request and wait for a response. Instead, officers receive instant access to this information directly from their mobile devices. Similarly, in Canada, the Montreal Police force can remotely access the Canadian Police Information Center (CPIC), which houses criminal and personal records.
So just how much training is actually involved with this technology? The answer is none. “No training is required to use these authentication tokens,” Arbel said. “They’re extremely intuitive and simple to use—requiring an officer to simply plug in the device and enter a password. SafeNet does offer training to the system administrators in order to customize user and security policies to their individual requirements.”
Officers gotta love that. On the street, the last thing you want to be doing is rifling through a user manual or taking time away from your shift to sit through training class. “Officers can access all the law enforcement information they need from their PocketCop and feel it is protected,” Bealefeld said. “The word on the street is very positive about the system. It is no hassle, and that’s always going to be a win-win.”
“Police recognize the need for two-factor authentication to protect their credentials and their identity while on the job,” Arbel noted. “They see the benefit and convenience of being able to access the systems they need to be effective in their work from anywhere—their police car, their home, or even their mobile device for mounted or beat officers. It’s a pretty powerful example of how technology is being utilized not only to improve job efficiencies, but also to protect and secure the privacy of citizens.”
The key benefit is enablement, according to Arbel. That’s a big word, but the average guy on the beat realizes it means power. “Users have the flexibility and security needed to access sensitive information from any location,” he related. This gives law enforcement personnel the peace of mind that those accessing highly sensitive networks and resources are authorized to do so without compromising security or convenience.
The system provides officers and administrators with continuous secure access to sensitive information. This helps boost productivity and efficiency and improves data controls necessary to maintain regulatory compliance. And it’s not just police we’re talking about. SafeNet has deployment authentication solutions extensively among military agencies, public safety and IT divisions at universities.
U.S. Federal and State government agencies utilize the security technology as well as almost every police agency in Canada. “Increasingly,” Arbel said, “we are seeing government agencies adopting the use of mobile and software authentication solutions to enable secure remote access for employees and contractors in those ‘in case of emergency’-type situations where natural disasters such as hurricanes, floods, snow storms, oil spills or health pandemics (H1N1) might result in unexpected and immediate office closures, necessitating on-the-fly deployment and activation of remote access solutions.”
SafeNet continues to be at the forefront of innovative technology to address the ever-evolving security needs of enterprises and government agencies. It employs more than 550 encryption engineers and has more than 100 distinct patents. “Our latest innovations,” Arbel added, “include our zero footprint, clientless ‘Anywhere’ technology, which we’ve released as part of our eToken PRO Anywhere and soon, eToken NG-Flash Anywhere authenticators.”
Let’s face it, this is James Bond stuff. Law enforcement security has come a long way from the days of having to contact dispatch centers for information. Officers are no longer constrained to their radios or vehicles to investigate suspicious activity. But with advancements, there are still security risks. For instance, what if an officer loses his handheld device or it’s taken by a criminal? It potentially holds access to criminal backgrounds, housing information and social security numbers. This information needs a high level of encryption technology.
SafeNet allows law enforcement to secure mobile law enforcement data communications for smartphones and other handhelds and equips officers with VPN access from cruisers supported by smart card tokens. If it can help get the officer out of the car and into the action, it can make police work better. That’s being proven as statistics show crime rates dropping where officers are more involved. In a way, it’s a throw-back to the old days of the beat cop who knows his neighborhood through face-to-face contact. And there’s nothing nerdy about that. It comes down to safety and trust, not only between citizens and officers, but between officers and the tools they carry and rely on—such as this new technology.
“I look at it as investing in the future of policing and also investing in my officers and in the service we provide to the people of our community,” Bealefeld stated. If that’s the case, then any one of us would like to be considered a nerd. Protecting the PocketCop means protecting the real cop—and the community he serves. At the end of the day, that’s what matters the most.
Timothy R. Burke is a writer, editor, graphic designer and photographer. He can be reached at firstname.lastname@example.org.
Published in Public Safety IT, Jul/Aug 2010
Rating : Not Yet Rated
Click to enlarge images.