Here is a story from Connecticut about the compromise of a confidential informant through the allegedly corrupt actions of a police officer. The story relates how an officer allowed his girlfriend access to a computer that held the details of a confidential informant and the officers involved in a drugs arrest.
Cases like this should make every Chief ask the question: “Could this happen to us?”
How and where the identities of confidential informants and their management are kept need to be audited and vulnerabilities identified, In essence, the only people that should be able to see the true identity of an informant are those officers directly involved in managing that informant. The software used should be deployed on a separate server or secure cloud. Access should be limited using two-factor authentication (2FA) to those who need to know.
The software should generate a record of who accessed any content and when.
If you want to discuss this any further give us a call on +447739370969 or drop us a note on info@hsmtraining.com We are here to help. We can tell you what your software should have.