What are the security considerations for logging?

When you hold information about people that relates to law enforcement, there is a greater risk of harm if it is lost or misused. Victims and witnesses can be put at risk of harm if personal information is inappropriately accessed or shared. You must already be logging the access to such information as part of your wider information security considerations for the systems you use. Auditable logs of user behaviour are important for accountability. You must keep logs safe and secure, especially if you need them as evidence for disciplinary matters or a criminal investigation.

You should periodically review your logs in a way that allows you to identify any unauthorised actions, trends or patterns of behaviour as part of your protective monitoring of your systems. If users of systems know that you review logs, this can help deter them from inappropriate or unauthorised use of personal information.

You should ensure that system users cannot alter logging information themselves. This is to secure the confidentiality, integrity and availability of the records. For security purposes, you should only allow enhanced access to select people in your organisation to be able to view full logs. This prevents general users or external hackers from altering the logging records to cover up any suspicious activity or attacks.

Example

The user of a criminal casework system is authorised to view the basic logging information on a case file. This log record displays when a particular file was last looked at, by who, at what time, and on what date. The user is not able to change this logged information as it is held securely to ensure an accurate audit trail on the system.

However, another member of staff has permission to look at logs in more detail because their administrative role involves internal reviews and investigations. This detailed information displays an IP address or device ID, to show how the information was accessed and at which location.