Thank you for keeping this on-list! This could be quite interesting indeed.
-- Espi On Tue, Jun 2, 2015 at 10:59 AM, Gordon Pegue <[email protected]> wrote: > OK.... > > > > > > My question to those that might support a law enforcement agency is do you > have mobile laptops in your police cars that access the FBI NCIC system? > > > > I have a small fleet (6 units) of Dell Latitude XFR armored laptops that > I'm trying to get deployed (my first laptop deployment project) and I'm > having difficulties with the fingerprint reader hardware / software in the > unit. The Dell software is, quite frankly, a POS, so I was wondering if > your mobile units use the fingerprint reader to provide multi-factor > authentication in addition to a user name / password combination and if so, > what fingerprint software you might be using. > > > > More specifically, my units are using a sprint mobile card and once an > officer is authenticated locally, I have a script that runs at logon that > launches the mobile connection software, fires up the VPN connection > software, authenticates the VPN tunnel to my perimeter firewall / VPN > endpoint and launches the Mobile application software (what the officer > uses to do his/her job). Because of the way this all works (and it works > very well) and because of university IT policy, I am not able to > authenticate against the university AD. Hence, each officer has a local > user account setup on the laptop. This is where I run into difficulties > with the Dell fingerprint software. FBI security policy delineates - if I > am correct in my interpretation of the policy - that a mobile laptop > contained in a police conveyance has to have multi-factor authentication > implemented. I have chosen "password and fingerprint swipe" as the logon > method because fingerprints are a lot harder to lose than a smartcard. > Anyhow, the Dell fingerprint software is not smart enough to sense when a > new user (for example when a new officer is hired) is logging onto the > laptop for the first time and allow the enrollment of a fingerprint > *before* completing the authentication. What this means is that I then > have to manually setup each and every officer on each and every laptop > before I can enable the "password and fingerprint swipe" logon and deploy > the unit. > > > > If you are using a similar system, would you have advice or suggestions on > how you got yours to work, especially if your using a third-party > fingerprint software system? > > If you're using a smartcard system, how do you minimize the possibility of > your officers losing or misplacing their smartcard and thus not being able > to complete their laptop logon? > > > > TIA > > Gordon > > > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Micheal Espinola Jr > *Sent:* Tuesday, June 02, 2015 11:09 AM > *To:* [email protected] > *Subject:* Re: [NTSysADM] Law Enforcement IT query > > > > It sounds like it would be an interesting conversation to keep on-list. > No "IT support", but I have coordinated with local and federal on a few > occasions. > > > -- > Espi > > > > > > On Tue, Jun 2, 2015 at 9:07 AM, Gordon Pegue <[email protected]> wrote: > > I am curious if any of the folks subscribed to this list provide IT > support to a law enforcement or police agency and would be willing to > engage in an off-list correspondence. > > > > > > Thanks in advance > > Gordon > > >
