Cyber ResilienceSecurity

A day in the life of evidence: Part 2

Digital evidence is piling up quickly for law enforcement across the globe. In today’s challenging world of evidence management, investigators and detectives often have to access multiple systems to collect evidence and search for clues. That means spending a lot of time looking for, and trying to access and share, needed evidence across disconnected systems. According to one estimate, many police organizations must log into six or more systems to obtain the evidence they need for a case. And evidence can be difficult to share with the public, other law enforcement agencies and prosecutors.

In addition to creating inefficiency, this situation increases the risk that important evidence might be overlooked. It also negatively impacts public safety budgets, with excessive overtime being spent on investigations while case backlogs pile up.

One system for it all

The answer seems clear: Law enforcement needs a single system to manage evidence. And the goals are simple: improve investigative efficiency, reduce the impact to public safety budgets and improve case closure rates.

It’s a lot to ask from a single system. Evidence of all types needs to be ingested, stored, analyzed, shared, reported on and dispositioned, all while maintaining evidence chain of custody. Industry best practices for digital evidence systems include the ability to ingest multiple file types and formats (rich media, documents, forensic evidence, etc.), perform diagnostic assessments and establish the original ingestion with bit-by-bit mapping of the file. Systems that can provide data analytics capabilities and use artificial intelligence speed the pace at which law enforcement can connect the dots.

While in the evidence management system, evidence must be securely stored, typically with some type of role-based access control. Audit trails must be provided, with automated functions where digital evidence can be verified as remaining in the same state in which it was entered into the system. Audit trails also need to record dates, times, locations and identities of personnel who searched, selected, viewed, copied or attempted other actions on the original files in the system. A complete record of the actions taken with respect to the evidence must be produced, from ingestion to disposition.

Evidence retention policies must also be considered—they should define the timeframes in which evidence must be retained and made available if requested by the appropriate authority. And evidence disposition is another important part of a complete evidence management system. Just as with physical evidence, digital evidence is required to be deleted after a case is no longer subject to modification.

On-premises, hybrid or cloud?

How a digital evidence system is deployed plays an important role in the efficiencies gained. While on-premises solutions can deliver some of the needed functionality, cloud-based or hybrid deployments provide for maximum efficiencies. Using the cloud provides law enforcement with cost-effective, efficient and scalable solutions that can securely store large amounts of evidence. In the cloud, services can be deployed in a fraction of the time required for on-premises solutions, saving precious resources.

With public safety budgets stretched to the limits, and digital evidence requiring terabytes of storage, law enforcement IT officers simply can’t afford to just keep buying more server storage space. Scalable cloud deployments make it possible to accommodate rapidly changing demands on the evidence management system. Cloud implementations also enable collaboration, providing easier access to evidence for authorized users.

A comprehensive digital evidence management system has many layers. Think of it like a hamburger with all the toppings. On its own, each ingredient—bun, meat, cheese, lettuce, tomato, pickle slices, ketchup, mustard—isn’t as tasty as the complete product. And no one orders a restaurant hamburger one ingredient at a time. In the same way, policing organizations can benefit from a similar approach. Call it the Big Mac of digital evidence management systems. Do you have the Big Mac of digital evidence management?

At OpenText™, we’re working with law enforcement and government agencies worldwide to make the world a safer, more secure place by finding the truth in data. We invite you to visit us at security.opentext.com for more information.

Author: Chuck Dodson, Sr. Director Market Development

With extensive experience in information security, Chuck holds GSTRT and CISM certifications and brings a wealth of experience in public security, both as a practitioner and an industry advisor. Chuck specializes in developing emerging markets and driving revenue by translating technical value to business value, ensuring customer satisfaction coupled with execution excellence.

Related Posts

Back to top button