Australian Victoria Police seeks self-imposed data logging and filter

Australia's Victoria Police has gone to market to find a service provider that will help it implement a data filter and retention scheme for its employees using the internet.

Described as a "web content filtering solution", Victoria Police's request for tender seeks to retain an audit trail of its employees internet usage for a minimum of seven years.

Victoria Police's specifications require audit reports to include a "complete audit of internet usage by a specific individual", with enough detail that it can use it "for use in criminal prosecution or disciplinary hearings".

The audit reports are expected to include, among other variables, employees' browser information (user agent), session information, and the URL and IP of the service they are accessing.

According to Victoria Police, a filter is expected to reduce the risks of "cyber threats introduced by viruses or other malicious code from affected websites", while also allowing it to control user access to particular websites.

The law enforcement agency wants to be able to specify which websites and services are blocked, with provisions put in place so it can continue to update a blacklist. It also specified that it would like to implement a "time limit for personal use" window, so it can restrict its employees use of certain sites to a particular number of hours per day.

Further restrictions on employee use include whether or not to permit HTTP connections based on the application that is requesting it, allowing it to force or prohibit, for example, the use of certain web browsers.

While not explicitly stated in the specification, a diagram outlining the workflow of how requests, filtering, and logging should be processed indicates that regardless of whether a particular URL is allowed or not, all activity is logged.

Combined with the auditing requirements it has specified, Victoria Police will be able to determine which of its employees request a specific website or category of website, and/or download the most data. It also affords Victoria Police the ability to track how many times an employee attempts to access blacklisted sites.

The implemented system will need to comply with several standards and guidelines, including Defence Signals Directorate's Information Security Manual and the international ISO 27000 family of standards, which covers best practice for information security management.

Tenders close on May 1, and Victoria Police expects to complete its evaluations on May 24. After negotiations with tenderers, it is expected to award the contract on June 5 so that work may commence on June 11.