Should Gardai have permission to use their own personal laptops ?

Xenophile

Should Gardaí have permission to use their own personal laptops in the course of their duty ?

Chemical Burn

Xenophile wrote: »

Should Gardaí have permission to use their own personal laptops in the course of their duty ?

I can (and have to) use my own. Yes, it's easier, more familiarity, so less excuse for cock ups. Save tax payer a bitta dosh too. There should be a Universal Garda server though onto which all work related data must be saved (and only saved onto this).

Mech1

Definatly not, and shouldnt be allowed to bring or leave with any digital media / written or taped media concerning their interactions with the public.

Overheal

I wouldn't trust them myself to adhere to the necessary data protection policies.

darragh o meara

I'd imagine the highly confidential nature if their jobs would not lend to details being entered on computers outside if the Garda network. Information like this needs to be kept on secure encrypted systems, if one if these laptop were to go missing with sensitive information contained on it, the sh1t would hit the fan.

Furious_George

No they should be commended for providing their own equipment that the state should make available.

What is your problem xenophile? Why do you keep starting threads on different professions in public service? You really come across as having a grudge?

Pappa Charlie

Xenophile wrote: »

Should Gardaí have permission to use their own personal laptops in the course of their duty

Oh Christ!

MadsL

Not a hope, BYOD (bring your own device) scenarios are the stuff of IT Security and Data Protection practitioners nightmares.

Lapin

Overheal wrote: »

I wouldn't trust them myself to adhere to the necessary data protection policies.

I certainly wouldn't trust a Garda to do that.

Don't trust them at all.


There's an old saying - Never trust a guard till he's 7 years dead.

IM0

for watching porn, yes, and ONLY that

oppenheimer1

MadsL wrote: »

Not a hope, BYOD (bring your own device) scenarios are the stuff of IT Security and Data Protection practitioners nightmares.

Just wondering - why did you use an acronym but then go on to explain it fully?

oppenheimer1

oppenheimer1 wrote: »

Just wondering - why did you use an acronym but then go on to explain it fully?

It's a common acronym used in the corporate IT sector.

lkionm

I reckon they would be capable of giving themselves permission.

But they need to speak in Irish to get permission to use the toilet.

IM0

lkionm wrote: »

I reckon they would be capable of giving themselves permission.

But they need to speak in Irish to get permission to use the toilet.

"superintendant, an bhfuil cead agam dul go dti an laptop?"

skirtgirl

I thought a similar thread the op started in emergency services got closed down. No work would get done if they did not use their laptops. Be it looking at CCTV footage to typing files etc.

lkionm

IM0 wrote: »

"superintendant, an bhfuil cead agam dul go dti an laptop?"

Due to department protocol I will have to deny you the use of the laptop as you did not say please.

You are a renegade IMO, hand in your usb key.

Dwork

Huh, sure how else are they supposed to keep up with farmville??

lkionm

Karsini wrote: »

It's a common acronym used in the corporate IT sector.

But could just not say one or the other?

Why use both of them?

Pretty sure not everyone here works in IT and if they did there would be no need to describe BYOD or do you do that everytime you see an acronym?

humbert

Well it would certainly lead to greater 'transparency'.

The Maverick

I think nearly all guards would love if they didn't have to use their own personal laptops. As said, it does represent a security risk for everyone involved. However, seeing as successive governments have consistently failed to invest in adequate IT equipment (along with various other resources for AGS such as vehicles etc), most ended up having to use their own laptops just to get the job done.

MadsL

lkionm wrote: »

But could just not say one or the other?

Why use both of them?

Pretty sure not everyone here works in IT and if they did there would be no need to describe BYOD or do you do that everytime you see an acronym?

Are you normally this socially awkward? Had I posted just BYOD someone would have posted whats BYOD??

kupus

MadsL wrote: »

Are you normally this socially awkward? Had I posted just BYOD someone would have posted whats BYOD??

exactly I have nt a clue what it means so thanks for pointing it out.

lkionm

MadsL wrote: »

Are you normally this socially awkward? Had I posted just BYOD someone would have posted whats BYOD??

Yeah so just say bring your own device.

Your not in an corporate IT office at the moment. It's an inside joke for your industry and does not serve to shorten it when you are outside of that circle.

I really don't know why I am arguing this. It's as pointless as every other acronym.

Right I'm off to play cod and pwn some n00bs with my n00btube.

MadsL

lkionm wrote: »

Yeah so just say bring your own device.

Your not in an corporate IT office at the moment. It's an inside joke for your industry and does not serve to shorten it when you are outside of that circle.

I really don't know why I am arguing this. It's as pointless as every other acronym.

Right I'm off to play cod and pwn some n00bs with my n00btube.

Unbelievable. Thanks for your thread contributions, they have been....um, pointless.
If you want an acronym may I suggest GTFO.

lkionm

MadsL wrote: »

Unbelievable. Thanks for your thread contributions, they have been....um, pointless.

Well well well

Have you met the kettle?

MadsL

lkionm wrote: »

Well well well

Have you met the kettle?

Yes, it said nothing as inanimate objects can't talk.

Boombastic

For checking boards during their shift is it?

Nabber

Would only be a matter of time before a laptop is 'left' on the DART and alot of evidence becomes inadmissible in court and private information is leaked.

Just buy the people who need them laptops. But knowing our system, we will see a bill for 90million and find out in 3-5 years that 1,500 retirees received laptops. The garda commissioner flew to Hawaii to pay 70% over the odds for the laptops.


See you all in 3-5 years for the "rip off Garda laptops" thread

MadsL

Nabber wrote: »

See you all in 3-5 years for the "rip off Garda laptops" thread

Or the €150m spent on consultants figuring how to encyrpt them.

Rasheed

lkionm wrote: »

But could just not say one or the other?

Why use both of them?

Pretty sure not everyone here works in IT and if they did there would be no need to describe BYOD or do you do that everytime you see an acronym?

Well didn't you learn something new? If you saw it again, you wouldnt have to look it up, thanks to MadsL!

As for the Guards using their own laptops, this couldn't happen. Wouldn't a hacker have a field day with a poorly protected personal device?

I know at work, in a hospital, there's no way we can use personal laptops for anything to do with work. If we have to, for some particular reason, no names, dates of birth, addresses etc can be used. And to be fair, whilst healthcare information is very private and sensitive, it not in the same level as the as what a Garda might have.

Canis Lupus

MadsL wrote: »

Or the €150m spent on consultants figuring how to encyrpt them.

And then making all the passwords Garda1.

mconigol

Rasheed wrote: »

I know at work, in a hospital, there's no way we can use personal laptops for anything to do with work. If we have to, for some particular reason, no names, dates of birth, addresses etc can be used. And to be fair, whilst healthcare information is very private and sensitive, it not in the same level as the as what a Garda might have.

Bit contradictory no?

SB2013

It's probably worth pointing out what Gardaí were using their laptops for. They were mostly being used to play cctv footage for analysis or in interviews from a disk or memory key. When they were used for typing stuff up it was generally saved to a memory key and transferred to a computer which could print it. I'm not aware of anyone that was stupid enough to store stuff on their laptop. The issue of memory keys is a different matter. Members will no longer be using personal ones to transfer files between computers (not all computers are attached to a printer or an email system) and backup their files. This will cause a major headache. So your concern about data protection is unnecessary for the most part.

monkeypants

SB2013 wrote: »

play cctv footage for analysis or in interviews from a disk or memory key.

And were these laptops, discs and USB keys encrypted and regularly scanned for security threats?

SB2013 wrote: »

When they were used for typing stuff up it was generally saved to a memory key and transferred to a computer which could print it.

Were these memory keys examined and declared safe before they were connected to the Garda network?

SB2013 wrote: »

I'm not aware of anyone that was stupid enough to store stuff on their laptop.

Fair enough, but is the entire force compliant?

SB2013 wrote: »

Members will no longer be using personal ones to transfer files between computers (not all computers are attached to a printer or an email system) and backup their files.

Personal USB keys should not be used. Only ones that have been purchased, verified and controlled by the Gardai. Should also be encrypted and their use logged.

SB2013 wrote: »

So your concern about data protection is unnecessary for the most part.

From what I've read in this thread so far, I have security and data protection concerns if members of the force are using their own laptops and USB keys without any measures in place.

Capt'n Midnight

To give an idea of how likely a laptop is to be compromised the open market price for complete control of 1,000 infected PC's in the UK is just 8c each.

Not sure if they localise to ROI , since many of our ISP's are UK owned and route through the UK but close enough since a couple of grand is almost certain to get you one used by PC Plod / Guarda Murphy.

When (not if) there is a data leak the financial and reputation cost will exceed any benefit. The only Guards who should be allowed use their own IT equipment are those clued up enough to know why this is a very, very bad idea and know that at the very least it's their job and pension on the line if they screw up.

As for the definition of "their own IT gear" , if anyone else has physical access to it then it's no longer their IT gear. Ditto for opening email with attachment and surfing the web.





http://www.theregister.co.uk/2013/03/04/botnet_price_list/

Botnets with drones solely located in Canada, Germany and Great Britain cost $80 per 1,000. Prices for top-of-the-line US machines start at 1,000 zombies for $120. By contrast machines located nowhere specifically cost almost five times less.

SB2013

monkeypants wrote: »

And were these laptops, discs and USB keys encrypted and regularly scanned for security threats?

No. But a copy of cctv wouldn't be anyway as it would be provided by whoever owned the cctv camera.

monkeypants wrote: »

Were these memory keys examined and declared safe before they were connected to the Garda network?

Doubtful. But the network itself is internal and encrypted.

monkeypants wrote: »

Fair enough, but is the entire force compliant?

Isn't that a concern with any data protection regime?

monkeypants wrote: »

Personal USB keys should not be used. Only ones that have been purchased, verified and controlled by the Gardai. Should also be encrypted and their use logged.

You won't find any arguments against that but Gardaí can't do that on their own. It has to be provided by management.

monkeypants wrote: »

From what I've read in this thread so far, I have security and data protection concerns if members of the force are using their own laptops and USB keys without any measures in place.

You should be happy with the industrial action so as it is no longer a concern.

Rasheed

mconigol wrote: »

Bit contradictory no?

Sorry, I should have explained further. Sometimes I might have to present a case to the multidisciplinary team about a certain patient. If I haven't time to do it at work, I'll do it at home on my laptop and email in. If that happens, we're forbidden from using any identifying factors such as name, DOB, address, hospital number because its outside the protection of the hospital computers. That's my experience of it anyway!

Phill Ewinn

Chemical Burn wrote: »

I can (and have to) use my own. Yes, it's easier, more familiarity, so less excuse for cock ups. Save tax payer a bitta dosh too. There should be a Universal Garda server though onto which all work related data must be saved (and only saved onto this).

Thatscrazy. Format the bloody thing or burn it. Have some sense please.

Dravokivich

For fúck sake, you can do the same scare mongering for anyone who uses anything with network capabilities or that's easily mobile.

Back to the pidgeons and short hand script lads. Anyone got any old enigma machines with custom encryption lying about?

HondaSami

Xenophile wrote: »

Should Gardaí have permission to use their own personal laptops in the course of their duty ?

Yes of course, how else will they get anything done, it is their own laptop nothing to do with AGS data, it's not linked.
The use their own phone to take pictures of incidents all the time.

monkeypants

SB2013 wrote: »

No. But a copy of cctv wouldn't be anyway as it would be provided by whoever owned the cctv camera.

And how does the Guard who inserts the disc or USB key with the footage know that the footage is the only thing on there?

SB2013 wrote: »

Doubtful. But the network itself is internal and encrypted.

But what happens once the USB key is removed from the network connected PC? I assume that it's unencrypted and the data can be read by anyone. There's no control over what's coming in and what's going out.

SB2013 wrote: »

Isn't that a concern with any data protection regime?

Absolutely. However, I can prove that all 80+ machines used by my staff are patched to the latest OS level, all local databases are encrypted, antivirus and firewall are in place and the hard disk is encrypted. If someone makes a local copy of a database and doesn't encrypt it, their machine will be scanned the following day and I'll get notified.

I don't have a way of preventing people from using their personal USB keys, but I see people using them or connecting their phones, I tell them to disconnect them. I have a controlled USB key that I can share if it's absolutely required. Most things can be shared over the network. Later this year I expect measures to be brought in to prevent that.

Can the environment be compromised? Probably, but not easily.

SB2013 wrote: »

You won't find any arguments against that but Gardaí can't do that on their own. It has to be provided by management.

Agreed.

SB2013 wrote: »

You should be happy with the industrial action so as it is no longer a concern.

Not really. If the Gardai need equipment to do their job effectively, then it should be provided to them. The same as I do for my staff. Do I have to make a business case to get funding sometimes? Yes, but that's the game.

MadsL

monkeypants wrote: »

I don't have a way of preventing people from using their personal USB keys, but I see people using them or connecting their phones, I tell them to disconnect them.

Why not disable USB use at the network level? It can be done at Group Policy level I believe.

Zer0

No, you should always keep your professional life and personal life separated, especially if it's in this line of work. I could understand if it was a different line of work, one that isn't related to sensitive data, court cases, interviews etc etc.. you could use your own gear then. But in a line of work where confidentiality and data safety is a concern then no, I don't think it'd be wise.

monkeypants

MadsL wrote: »

Why not disable USB use at the network level? It can be done at Group Policy level I believe.

Because every now and again, a USB key is necessary. It depends on the data being moved though.

Teyla Emmagan

No. Like would happen in any other organisation with a decent information security policy.

Dravokivich

monkeypants wrote: »

Because every now and again, a USB key is necessary. It depends on the data being moved though.

Measures can be implemented for data to be encyrpted, with tools such as Truecrypt. It makes it very easy to do, not so much to undo.

Grayson

There have been multiple examples in the UK of data being lost on unencrypted devices.

I personally wouldn't allow anything access to the network except authorised machines. And those machines would all be granted by the Garda IT department. They'd have the best protection money can buy. Those machines have to have encrypted drives, and on the very rare occasions that information has to be taken on a USB key, it should only be placed on a hardware encrypted device by an authorised person. And that information should never be allowed be taken home or anything like that. If a Garda needs to work from home he does so using a garda laptop on a VPN.

Even encryption isn't safe now, but simply put, you have to enforce this basic leven of security.

I'm not a hacker, but give me 5 minutes access to one of their personal laptops and I'll give you everything they ever did or ever will do on that laptop. Even without direct access, it's not that hard to get remote access.

monkeypants

Dravokivich wrote: »

Measures can be implemented for data to be encyrpted, with tools such as Truecrypt. It makes it very easy to do, not so much to undo.

I have PGP installed on all my staff machines, plus on the USB key that I occasionally use. There's nothing customer related on the USB key anyway. There's a whole new level of pain associated with going down that route.