Issue link: https://let.epubxp.com/i/407623
TECH ON PATROL 18 Law Enforcement Technology November 2014 www.officer.com The increased use of mobile devices with biometric capabilities presents advantages for officers and administra- tors alike. Mobile fingerprint, face or iris scanners can instantly identify a subject in the field, improving officer safety and police effectiveness. The same scanning capabilities can lock down a device until its owner and authorized user opens it with biometric security software. So what must a CIO, police chief or sheriff do to be sure sensitive data doesn't end up in a precarious position if a device is lost, stolen or hacked? As table stakes, first put in place a strong security policy that covers mobile devices, both issued by the agency and any that may be obtained by employees on their own. They must do that just to get in the game. Next, make sure that auto-protect and device-erase functionality are enabled on the mobile devices, at the very least. They should also consider using enterprise settings to control security on mobile devices, and encourage employees who may misplace mobile devices to immediately report the loss without fear of adverse action. The loss of a device is a minor inconvenience in comparison to a data breach that occurs because the phone was hacked before it could be wiped. Many jurisdictions have already addressed these issues. The City of Albuquerque, for example, requires devices that access the city's network to be password-protected, and include up-to-date anti-malware software and software patches. The city also "reserves the right" to enforce a mobile device management strategy to allow the IT department to configure, secure, moni- tor and wipe smartphones and tablets. Police department personnel must also be aware of the privacy implications involved in BYOD. A highly publicized court case in 2005 vividly illustrated this issue when a police officer in Santa Fe, New Mexico, was required to pro- vide the court with access to records of his personal cell phone activity during a DUI arrest. The prosecutor in the case declined to turn over those records, citing privacy concerns. The judge however ruled that the officer was act- ing as an "arm of the government" and was therefore not protected under the Fourth Amendment. Consequently the DUI case was dismissed. The lesson: Officers who bring their own devices steps to secure BYOD for police departments 3 Police offcers, inventive in their nature, will embrace BYOD if they believe that it will help them do their jobs and keep them safe. By Robert Sprecher T he New South Wales Police Department last year began a year-long bring-your-own-device (BYOD) experiment for police officers. As part of a major IT modernization project, the department is permitting select mobile devices to access its central mainframe. Is that safe? Opinions vary. Some experts believe that orga- nizations must have a holistic mobility policy that governs the use of mobile devices in the enterprise. Others state that encryption of mobile traffic is essential to protect sensitive data from interception. Both views are correct. Enterprises, especially law enforcement and public safety agencies, must have a policy governing the use of mobile devices. Police officers, inventive in their nature, will embrace BYOD if they believe that it will help them do their jobs and keep them safe.