The PrisonPC Secure Prisoner Interactive Learning System solution has been designed from the ground-up with security as its foundation. It provides an extremely secure and fully functional computer solution for prisoners, denying access to insecure devices (e.g., web-cams, WiFi, USB storage, etc) while enabling education providers to deliver numeracy and literacy training as well as academic and vocational programmes to prisoners.
Security is of paramount importance in any correctional facility and as such PrisonPC employs a multi-layered default-deny security policy throughout. In the unlikely event a security mechanism is breached then multiple lines of defence protect the system from further attack by hostile users.
Desktop Security
PrisonPC desktop computers contain no writable storage media (such as hard-drive, USB storage, or writable DVD/CD) making them resilient to any method of permanent user modification or unauthorised changes. Desktops are invulnerable to third-party virus, spyware, keyloggers or other malware attack and to attempts by inmates to install any applications.
Physical Security
AiO (All-in-One) desktop computers are recommended for correctional facilities as they greatly restrict the capacity of prisoners concealing physical contraband within the computer chassis.
The PrisonPC Safety Pack includes a keyboard, mouse, IR remote, network cable, headphones, power cable, and audio cable designed with the physical safety of both prisoners and staff as a high priority. The keyboard and mouse are compact and light-weight, and all cables are 30cm in length. These features reduce the risk of using the devices as weapons or for self harm.
Server Security
Inmates have their own restricted file storage directory on the server which is securely isolated from all other inmates. Only the relevant inmate and authorised corrections staff are able to gain access to inmates’ data.
Network Security
PrisonPC’s unified management console is protected against electronic intrusion from unauthorised users, or from unauthorised locations, and all authentication information is fully encrypted in transit.
Device and Media Security
Technologies such as high density USB storage devices and 3G modems have been known to be smuggled into and out of prisons as a means of communication or for access to non-approved media, however PrisonPC blocks all USB communication and storage devices.
Only approved and secure devices can be connected to PrisonPC desktops. Unlike off-the-shelf commodity systems, PrisonPC explicitly denies access to foreign devices such as 3G modems, USB ’thumb drives’, WiFi controllers, web-cams, and Bluetooth transceivers.
Optical Media
Inmates are restricted from making use of unapproved DVDs. Attempts by an inmate to use media not approved for their use will trigger an alert for staff attention.
Event Logging and Monitoring
Extensive logging of user sessions is recorded in the system logs for prison staff to audit later if required. Prison staff can remotely monitor or control inmate desktops for remote support or clandestine monitoring.
“Security best practices aren’t aspirational goals, they’re the baseline of professional competence. [They] aren’t the ceiling you reach for, they’re the floor you stand on.”
– Barry Anderson - Security Architect, Cisco Systems