"A risk assessment of the Piql Services" by FFI

Security requirement

During production

During transportation

Production site only accessible with authorised ID verification solutions.

Armoured or otherwise fortified truck used by a professional and trusted transportation service provider. The doors are locked at all times. The goods are labelled and scanned for constant tracking. During the journey they are stored in a safe in the holding area, protected by a PIN lock. The goods are under constant watch. The personnel are not allowed to leave the goods unprotected. One driver and one additional security officer. Sound vetting procedures for all personnel (either security clearance or criminal record and credit check depending on sector).

Access control

Alarm systems triggered by sensors installed in connection with locked doors outside office hours. Summons security personnel. CCTV coverage of access points and all production rooms from multiple angles. Guards monitoring the CCTV footage outside office hours. During office hours, the CCTV footage is merely recorded.

Alarm systems

Camera surveillance

Security personnel

Table 5.7 The security regime during the production and transportation phase

5.5.3

Security Requirements – Computer Security

As the Piql Preservation Services is both an online and offline commodity, describing only the physical security surrounding it is insufficient: we must also describe the architecture design of the IT system used by the Piql partners during the production of the piqlFilms, i.e. when the digital data received by a user, or client, is converted into the piqlFilm. 11 It is only during this production phase that the Piql Preservation Services are connected to external networks like the internet, but with relatively strong security mechanisms implemented. For the rest of the service journey, it is only the metadata extracted from the original files which can be found online. This section is very much linked to the service journey as described in chapter 2, but here we give a more detailed description of the IT processes which are performed along the way in the service journey. Figure 5.3 provides a detailed graphic description of these processes, and we recommend following the flow of information illustrated here for ease of understanding.

The first step of the service journey is when the original files of the user’s digital data, from now on referred to as the client data, is ingested into the system of the Piql Preservation

11 At the time of writing, there is no Piql IT system in operation for FFI to study, merely a test system. However, after having received sufficient information on how the operational system eventually will be implemented, we here base our analysis on this description of the Piql IT system.

39

FFI-RAPPORT 16/00707