Make this page my home page
  1. Drag the home icon in this panel and drop it onto the "house icon" in the tool bar for the browser

  2. Select "Yes" from the popup window and you're done!

October 12, 2010
Print Comment RSS

Tim Dees Police Tech & Gear
with Tim Dees

The LAPD's not-so-smooth transition to Google Apps

Google's applications reside on the thousands of remote servers rather than on your desktop, which is both good and bad for security

The City of Los Angeles made a bold decision in moving their in-house network from a Novell network to Google Apps. The changeover isn't going especially well, particularly where the LAPD is concerned.

Nearly every business these days uses some kind of internal network. Networks allow users to access files created by others, print documents on printers not physically connected to a computer, and otherwise collaborate and share resources. Most use some variant of the networking systems offered by Microsoft or built into operating systems like Windows 7 and Vista.

In contrast, LA has been using a Novell network. Novell was a major player--maybe the major player--in corporate networks until the various flavors of Windows started eating away their market share. There is an element of voodoo to operating any large network, but Novell has their own protocols that make knowledge of other network systems negligible in understanding how to run Novell's.

The city decided to abandon Novell in favor of Google, issuing a contract with the search engine giant for $7.25 million to upgrade and convert their 30,000 users to Google Apps. The LAPD has 17,000 of those users--over half the city's network-using employees.

Many users city-wide are complaining about lack of functionality and missing features as compared with the Novell system they're used to. Google says this is mostly attributable to lack of familiarity with the system, and that users have the same capabilities they had with Novell. LAPD's concerns lie more with security.

Google Apps is a collection of computer services and applications that reside "in the cloud," that is, on the thousands of remote servers Google has all over the world. Where most users of Microsoft, Adobe and other major software players' applications run their programs on the user's computer, Google Apps places most of the code and the data in the ether. If the local machine crashes, is stolen, or gets sucked into a black hole, no worries--switch to another machine and pick up where you left off. The security concern comes from exactly the same place. If anyone can access this information from any computer, what is to keep the bad guys from doing it?

The concern is not unfounded. In May 2010, a hacker got access to internal files from Twitter, which uses Google Apps for their corporate networking. Supposedly, the hacker first made it into a Twitter employee's Google account via a compromised password, then guessed the answer to the employee's security question by examining other documents contained within Google Apps. From there, he was able to change the passwords on the accounts and take his time going through whatever he found.

Password security has always been a problem with computer networks. IT managers fight an ongoing battle with users who do their best to circumvent security protocols by using easy-to-guess passwords, or who start with a secure password and then alter it only slightly when they're required to change it. "98T%wG" is a reasonably secure password, but if its user changes only one character when required (say, to "98T$wG"), someone who has the first password won't find it all that difficult to obtain the second one.

Google Apps recently added two-factor authentication to its capabilities. With two-factor authentication, the password is Something You Know + Something You Have. A user might log in with a conventional password, and then Google would send a text message or voice call containing a second password. If you don't have a smart phone or another device that receives the second part of the password, you can't get access. It might also be possible to get the second password from an app running on a smart phone, so that a user could log in without a network cell phone connection. Two-factor authentication can also combine a password with a biometric token, such as a fingerprint or iris scan, or a physical RFID device.

Some critics argue that Google saw the City of Los Angeles coming by charging them almost $250 per user for the conversion, given that access to Google Apps and GMail accounts are free for individual users. In Google's defense, it wouldn't look all that great to have the LAPD chief's e-mail address be something like ChiefCharlieBeck@gmail.com, and this plan provides not only networking, but regular office applications that would otherwise be purchased separately. It is still a significant gamble to bet the security of sensitive investigations on tools that live "in the cloud."

About the author

Tim Dees is a writer, editor, trainer, and former law enforcement officer. After 15 years as a police officer with the Reno Police Department and elsewhere in Northern Nevada, Tim taught criminal justice as a full-time professor and instructor at colleges in Wisconsin, West Virginia, Georgia, and Oregon.

He was also a regional training coordinator for the Oregon Dept. of Public Safety Standards & Training, providing in-service training to 65 criminal justice agencies in central and eastern Oregon.

Tim has written more than 300 articles for nearly every national law enforcement publication in the United States, and is the author of The Truth About Cops, published by Hyperink Press. In 2005, Tim became the first editor-in-chief for Officer.com, moving to the same position for LawOfficer.com at the beginning of 2008. He now writes on applications of technology in law enforcement from his home in SE Washington state.

Tim holds a bachelor’s degree in biological science from San José State University, a master’s degree in criminal justice from The University of Alabama, and the Certified Protection Professional credential from ASIS International. He serves on the executive board of the Public Safety Writers Association.

Dees can be reached at tim.dees@policeone.com.

Keep up on the latest products by becoming a fan of PoliceOne Products on Facebook


Request product info from top Technology companies.
First:*Zip Code:*
Last:*Telephone:*
Department:*I recommend or purchase products for my Department:*
Department size:*Purchasing Timeframe:*
Email:*
*Required Field


PoliceOne Offers


Technology Sponsors

Featured Distributor

Featured Products

Discover MorphoBIS, The BEST in Identification

Discover MorphoBIS, The BEST in Identification



MorphoIDent, More Than Just Another Mobile ID Device

MorphoIDent, More Than Just Another Mobile ID Device




Featured Videos

Top Product Articles

Featured Deals

Featured Product Categories

New Products

Police Technology Questions

PoliceOne Offers