Meetings
 
 
Print
AGENDA ITEM REPORT

Title: Report on Completion of POST Authentication and Secure Services
REPORT PROFILE
MEETING DATE
10/27/2016		 BUREAU SUBMITTING THIS REPORT
Computer Services Bureau
RESEARCHED BY (PRINT NAME)
Colin O'Keefe		 REVIEWED BY (PRINT NAME)
Dave Cornejo
REPORT DATE
09/12/2016		 APPROVED BY
Manuel Alvarez, Jr.		 DATE APPROVED
09/20/2016
PURPOSE
Project Status Report		 FINANCIAL IMPACT
No

ISSUE:
This is an informational report on the completion of POST Authentication and Secure Services (PASS).
BACKGROUND:
In 2014, POST’s Web-based applications (including EDI, the Learning Portal, POST Website, Automated Profiles, CPT Status, Basic Course Website, Course Catalog, etc.) each used a separate user password database.  There was no facility for central administration, and users of these assets were forced to remember several user names and passwords.  This caused confusion in the field, and caused over 550 calls per month to POST for help with various account issues.  In addition, these multiple accounts databases, residing in several locations and with varying levels of encryption, represented a potential cybersecurity issue.
ANALYSIS:

Beginning in September 2014 and concluding on August 1, 2016, staff completed a major effort to rewrite the authentication procedures for all Web-based POST sites.  POST Authentication Secure Services (PASS) unifies all major POST systems into a common login and user database mechanism.  This greatly enhances the security of POST’s Web-based applications by storing encrypted passwords in a single secure location.

PASS also significantly increases POST’s ability to communicate with law enforcement throughout California.  Upon creation of an online account, law enforcement officers are matched to their EDI records, and internally identified by location, agency, rank, region, years of service, etc.  This allows instant delivery of specific information, such as training profiles, CPT status, and courses of interest to the individual.

Law Enforcement Consultants may also use this information to send relevant and timely messages to groups or individuals.  For example, a POST Area Consultant may wish to advertise an upcoming workshop to one or more specific regions or agencies located close to the event.  Messages sent by PASS are highly automated and require no manual compilation of recipient lists.  Messages appear on all POST websites, in addition to broadcasting by email. 

Finally, PASS improves ease of use, by allowing users to access all permitted systems using a common username and password, and allowing transition between systems such as EDI, the Learning Portal, and the Website without entering redundant login information.  

The implementation timeline and account growth statistics for PASS may be viewed in Attachment A.
RECOMMENDATION:
This report is presented for information only.  No action is required.
 
ATTACHMENT(S):
Name: Type:
Attachment_A_-_PASS.pdf Backup Material