Safe On Premise File Server

Key elements of storing digital evidence in the cloud… or not

Goals of this page:

  1. Continued talk about mounting issue of storing digital evidence
  2. How to organize it
  3. How to get rid of it after required hold time
  4. Where to store it (Cloud, NAS Device, DVD, etc)
  5. Security issues
  6. Data modification (redaction or other forms of manipulation)
  7. How to determine costs associated
    1. Costs of storage
    2. Bandwidth for passing files
  8. The difference between pics and media (in car camera / body cam)

In most cases, agencies will store all these digital media files on a network storage device, or worse a DVD, and rely on manual systems to keep these files organized.  The reality is that this data will pile up over time and become so cumbersome to work with that nothing is done.   It becomes a problem when IT suggests that it is time to clean the drive because it is out of space. Admins scramble as they realize there is no way to clean up all this data! Now you have 6 terabytes (or more) of data and no clue where to begin the cleaning process.

The OPFSS system allows agencies to use our SAFE, cloud based, evidence management system while keeping all digital media files stored inside your facility on a hard drive or network storage device.  These media files could include in car video, on body video, crime scene pictures or mappings and general docs like PDF, Excel, Word, JPG, BMP, etc.

This allows the agency the power of a physical and digital system while…

  1.     Maintaining control of the digital files
  2.     Preventing the upload of those files over your internet connection (which is often slow).
  3.     More affordable data storage fees v/s cloud data storage fees.  You simply bump the data storage on your end if necessary.  It is highly suggested that you create systems for data storage redundancy like you would get with most cloud based storage systems.  Please do not store these files on a single redundancy system where one point of failure means data loss.  If you do have a single redundancy system you are far better storing your data on a cloud storage device like Amazon S3.

Your organization can begin to manage not only your physical evidence but also the digital evidence that goes with it.  Gone are the days where this data piles up and no one deals with it.   When it is time to review / dispose of physical evidence you can also deal with the digital evidence.  Yes, your physical and digital evidence are in the same system!

Not only are you now managing digital evidence but you gain access control to your files.  Users can only view media that is accessible to them via the SAFE interface.  Since our system tracks digital chain of custody (who created, reads, downloads and deletes) you enforce chain of custody on your digital media.

Can I store my data in the cloud?

Yes, we also offer a cloud storage platform for media.  If you would prefer to move your data to our cloud platform, we can accommodate

Technical Stuff

This generally describes a common setup but cannot apply to every scenario there is.  

  • Your network will need two network storage drives (mapped drives).  One is for receiving all this digital media (users or devices have write only access, no delete) and another drive where our application will copy these received files (users or devices have NO access).

    In most cases, devices like on body cameras or in car video systems auto copy all of its data to this shared drive and users basically have no idea what is happening in the background.  This also potentially prevents with the tampering of these recording systems as users don’t have access to data files before they are placed on the storage drive.
  • Our IT with work with your IT to place the OPFSS system (windows service) on a windows machine and allow this program to read both the receiving drive and archived drive.  Any time a file is placed in the receiving folder the system will process the file, read all its meta data, push that meta data to the SAFE program and copy the payload file to the archive drive.  At no point, do we copy the payload file to the internet.  Because we are only copying the payload file from one drive letter to another the process is very fast.
  • Now that the meta data has been placed in the SAFE system and the payload file copied to the archive drive, users can now login to SAFE and process / organize the media files.  From a user perspective, they have no idea that they are working with a cloud based management system while the actual media payload file is within their network. 
  • Note: Many body cam or in car systems will allow data to be append to the file name or meta data before being copied off the origination drive.  If this is the case, we suggest that you append the officer name or some sort of ID to the file / meta data for easier searching later.
  • These two files were uploaded by a camera that appended ‘TEST_’ in the front of each file on this device.  Normally this would be the name or initials of the officer.
  • The windows service is going to use a system username to access the cloud based API for uploading of the meta data.  In most cases your organization will create a user account called  Because all files are uploaded using this username the CoC of custody for all media will show that this user uploaded all files.  There is nothing that can be done about this because the service has no idea which files belong to which users.

When media meta data is uploaded to our system we store a reference to where the file came from and a URL back to that machine.  See System Security below for who can access this URL.

System Security

While SAFE is a cloud based system, the OPFSS link will only be accessible from a machine where the user would normally have access.  If the user does NOT have access from outside your facility, then they will NOT be able to access the payload file off the OPFSS archive drive.  If you allow users access data from outside the facility, then they will have access from the SAFE interface.   You may also choose to employ IP blocking or multi factor authentication to further secure the data. Protection Status