Faronics Deep Freeze and Anti-Executable and the Los Angeles Police Department

The Los Angeles Police Department (LAPD) is the third largest local law enforcement agency in the United States, after the New York City Police Department and the Chicago Police Department.

May 29, 2012

Background

The Los Angeles Police Department (LAPD) is the third largest local law enforcement agency in the United States, after the New York City Police Department and the Chicago Police Department.

With just under 10,000 officers and more than 3,000 civilian staff, covering an area of 498 square miles (1,290 km2) containing a population of more than 3.8 million people, it is one of the most innovative and recognizable law enforcement agencies in the world.

The population size and density, the large geographical area, and the cultural diversity of the City of Los Angeles provide complex challenges for policing by the LAPD.

Problem

The LAPD patrol cars are set up with Mobile Data Computers (MDCs). There are currently 2053 patrol cars equipped with MDCs that run Windows XP. The MDCs provide access to a critical application called CAD (computer aided dispatch), which is used to connect the patrol officer with the 911 operators. CAD is a mission-critical system that needs to be up and running at all times to ensure uninterrupted connection for the patrol officers in the field. The LAPD relies on the 24×7 reliability of the MDCs to do their jobs.

Because cars are shared amongst officers, it is critical for the department to have MDCs perform consistently for every shift. The department was looking for ways to lock down the MDCs to prevent officers from downloading applications or making configuration changes to the operating system, which could cause degraded system performance and impact the integrity of the application. Another issue was ensuring officers are not distracted by unnecessary applications running on the MDCs.

“When in the field, officers need to react fast to dangers around them such as someone pointing a gun at them,” shares Sanjoy Datta, Senior Systems Analyst for LAPD. “To aid their situational awareness, as far as possible, their eyes should be on the community, not looking down at their patrol car MDC dealing with computer issues.”

The LAPD also needed to eliminate any opportunity for hackers and malware to access the MDC and acquire sensitive data or impact system performance of the CAD. “We needed to reduce the surface area for attacks,” says Mr. Datta. “In the field, when situations develop extremely fast, there’s no time to waste fixing computer problems. Officers need the utmost performance and reliability for their MDCs and they need it all the time.”

Solution

The LAPD decided to deploy Faronics Deep Freeze, an instant system restore solution that restores the MDC to its original configuration with a simple restart. To lock down computers and ensure officers focus on their patrol duties only, the LAPD implemented Faronics Anti-Executable. As a security solution, Anti-Executable allows the LAPD to restrict any unauthorized applications and malicious executable files from installing and running on the MDCs. Using a whitelisting approach, the LAPD can allow only approved applications to run on the MDCs, thereby ignoring any application that was not approved on their whitelist.

“Deep Freeze and Anti-Executable are crucial to preserving an image determined for mission critical law enforcement systems used 24×7 to ensure reliability and security with minimal downtime and with the least reliance on IT personnel,” says Mr. Datta. “Without these two solutions, we would be getting a lot more problems with the patrol cars and troubleshooting MDCs would be significantly increased.”

Benefits

Improving mission-critical systems uptime

“This configuration setup with Anti-Executable and Deep Freeze will reduce the amount of staff needed to manage the laptops while still keeping them up and running,” said Tom Hsieh, Senior Network and Systems Analyst at the LAPD. “I have seen all the problems that can occur in a workstation environment, but in a mobile environment, it is completely different because we have less time, staff, and resources to work with — and the service level is very important.”

Since Deep Freeze restores the computer to its original configuration upon each restart, patrol officers starting their shifts are assured they will not run into system problems and will be able to do their jobs effectively.

Prevent malicious attacks on MDCs

Although the LAPD has an anti-virus solution on each MDC, it is often unreliable due to problems with network connectivity. “Often, the anti-virus updates can’t complete since there’s no reliable connection to the Internet,” reports Mr. Datta. “This means MDCs are vulnerable to attacks since they don’t have the latest signature files for malware out there.” Since Faronics Anti-Executable doesn’t rely on signature updates, it can protect the MDCs at all times from malicious executables, which will otherwise evade anti-virus solutions.

Keeping patrol officers and the community safe

The LAPD places great emphasis on the safety of their patrol officers. Any distractions on their MDCs such as a social media application, game or any unwanted program poses risks to the situational awareness of the officers. Since Anti-Executable can restrict unwanted or unauthorized applications from installing and executing, officers remain focused on their mission of protecting the community and staying alert at all times.