Evidence storage is no longer simply limited to keeping a locked room containing physical items that are bagged and tagged. Law enforcement agencies must also store an ever-increasing amount of digital evidence including video, audio, and still photos from all manner of sources, including body-worn cameras and in-car video systems. And it's important that it be kept safe.
The first thing most agencies want to know is whether they should store their data on-premise or in the cloud. Here is how Jack Marks, Panasonic strategic planning manager for the public safety solutions division, explains it:
"First, there is 100% cloud storage. With this, agencies pay a recurring subscription fee to store the digital evidence in the 'cloud.' Evidence is uploaded via the Internet and stored off-site by a cloud hosting company. Next, there is 100% on-premise storage. Agencies store and manage their digital evidence on-site using a central server architecture with local storage systems. And finally, there is hybrid storage, a combination of the two approaches. In this case, digital evidence may be stored on local storage systems or cloud storage, according to agency policies. Local storage is often used for immediate access to digital evidence, with the cloud used for long-term archival storage."
On-premise storage is still the most common. But the tide is turning in favor of the cloud, with its ability to continually update security measures to the newest standards and replicate files in multiple locations to protect it.
Regardless of which you choose, the same basic principles apply. Here's what you need to know about the main concerns in setting up and maintaining storage for an agency's digital evidence over the long term.
"Physical evidence will always be secured in a locked room. The unfortunate thing about digital evidence is there isn't anything physical about zeroes and ones," says Jim Cleaveland, president of Quetel. "What you want to be sure of with digital evidence is that it is immediately backed up—the word is replicated—so when it's initially uploaded, it's not just stored in one place, but also immediately stored in a second location." Or maybe even a third as well.
If you have on-premise servers, you'll need everything replicated in at least one more location. That means more room is needed for the additional servers—preferably at a separate location—and all of those servers need to meet the necessary standards.
If something catastrophic occurs that damages your servers or otherwise erases or corrupts the data, you want an exact copy to be safe in a separate location. Otherwise, a criminal could go free because of a lack of evidence that would have been needed to convict.
In the case of the cloud, as soon as it's detected that the servers housing the data have been damaged, another copy will be generated in the cloud and saved to an additional separate location. "Using the cloud, making that almost instantaneous cutover/failover, can take just a matter of seconds, such that the user almost doesn't perceive it," Cleaveland says.
The Cost of Security Measures
Redundancy is only part of the equation. When establishing the infrastructure to support digital evidence storage you need to make sure security protocols are followed. You also have to make sure they are maintained adequately over time. Otherwise, valuable sensitive data could be lost.
This is why it's imperative that any IT staff be extremely well-versed in how to follow such protocols and have enough knowledgeable people to carry out the needed measures. Systems designed to maintain data in the cloud can automatically apply patches and otherwise maintain security on an ongoing basis without the need for people to remember to do it. This can be especially difficult for short-staffed IT departments to handle on their own when maintaining local servers. And that's only after the initial controlled environment of the server architecture has been established, which requires a significant investment.
Which is why many agencies are willing to pay for the products and services to handle all of this for them, once they understand its value.
Potential customers often ask for an explanation of why they should pay for such services, says Erick Ceresato, product group senior manager for Genetec. "We're selling an application to manage evidence. There's a price to that," he says. Agencies will see that they could subscribe to an AWS Blob storage account or an Azure Blob storage account, and pay pennies per gigabyte, which is going to be cheaper on the front of it. But that only pays for the storage itself. It doesn't take into account the security measures that need to be employed to preserve the data.
"In the application itself, we're adding the extra security levels, the encryption for the audit trail capabilities and user authentication," says Ceresato. "This is the major contrast between having a purpose-built application and just having information storage."
Of course, the company maintaining such services must still have a team of knowledgeable people behind the scenes to have put all of this together, as well as solid products. So it's important to do your homework when deciding what company and evidence management system to use for storing your digital evidence.
"To verify the security of the solution, agencies should investigate the cloud hosting provider they are considering and ask some basic questions," advises Marks. "For example, does the cloud storage solution comply with all applicable local, state and federal regulations? How can you ensure your evidence will be readily available when you need it? In this way, agencies can be confident of the security of their cloud solution."
Evidence must be kept for very long periods of time in some cases, depending on retention policies and statutes of limitations. "You need to make sure there's security in place to ensure the preservation of evidence for the appropriate amount of time," warns Ceresato.
And this requires some complicated programming, especially when so many people will be accessing files with varying levels of permission. "It's one thing to be able to store files from an interview from a surveillance camera or from a body camera onto a storage device such as a DVD. It's something else though to be able to ensure that only authorized users—authorized officers and personnel—are going to be able to review the information," says Ceresato.
Digital evidence security should include audit trails, customizable permissions, and strict authentication protocols. This is why all law enforcement technology must follow Criminal Justice Information Services (CJIS) security standards, which cover best practices in wireless networking, remote access, data encryption, and multiple authentication. And this must hold true when the data is at rest (just sitting there in storage) and when it's in transit, being viewed in different applications by different people. This is very important for maintaining the chain of custody.
Storage is only useful if it allows access to the data when it's needed. "Don't put the storage in a prison so it's locked away and not accessible," says Cleaveland. Evidence management systems of course help organize the data and make it much easier to find and retrieve as needed. And an integrated solution that ensures the compatibility of all devices collecting digital evidence is helpful. This is true whether the data is being uploaded to the cloud or manually transferred.
Storage needs depend on the number of devices that will be capturing data, the size of data captured per hour, for instance, how many hours of data, and how long the evidence will need to be kept. This helps determine the amount of storage that will need to be paid for.
Agencies pay for both storage and management services using a subscription model. "They pay per device, typically, for both the equipment and the storage," says Cleaveland. "They essentially provide upfront an unlimited amount of storage. You begin by storing a small amount the first year, and more as you go. You're paying for a lot of unused storage at first. But it evens out as you are using more down the road," he explains.
There are different subscription models available for cloud services, including monthly, annual, and multi-year agreements. "It's going to be up to the vendor to make sure that they have the payment policies or the subscription terms that are convenient and flexible for customers," says Ceresato. "So for government purchases, oftentimes we'll be looking to make annual or multi-year commitments to facilitate procurement through an RFP. But it's still advantageous for smaller contracts to be purchased monthly, maybe on a procurement card. And at that point, it could just be paid off on a month-to-month basis."
You can also get better deals if you purchase up front, Marks advises. For cloud-based plans, he recommends "unlimited storage" options, "since retention policies may change over time, requiring you to keep data longer." He also says leasing options are available for on-premise systems.