Commissioner claims garda security ‘not compromised’ by her use of Gmail
Commercial email services are provided on portable garda devices across the force, but are only used to send non-sensitive material, a senior Garda official has said.
The disclosure was made as Garda Commissioner Nóirín O’Sullivan insisted there is no evidence to suggest the force’s security controls have been compromised by her use of a Gmail account for official business.
Chief administrative officer Joseph Nugent told a meeting of the Policing Authority that Gmail was put in place on devices provided by the force.
“In the very rare occasions when it is needed, it has been used for non-sensitive material,” he said.
Mr Nugent said he was confident there had been no threat to An Garda Síochána’s systems.
He said he had looked at hundreds of emails in the commissioner’s account and was satisfied there was no security issue.
Mr Nugent said certain third party services were used for convenience and never for sensitive material. Only material that was in the public domain, such as speeches, was sent using the email service.
However, he said garda policy on the use of email was currently being reviewed in light of reported attacks by hackers on commercial email providers. The review began in August.
Since then access to Gmail has been prohibited within the force’s physical wired network.
He said members of the force had also been reminded what they could and could not do with personal email accounts.
Mr Nugent said it was not possible to access certain file types on garda systems. There had also been a segregation of systems, so material from official garda emails could not have been pasted into Gmails.
Garda email can only be accessed by devices configured by the force, he said.
“I can’t walk into an internet café and access Garda email,” said Mr Nugent.
Earlier, Commissioner O’Sullivan insisted there is no evidence to suggest the force’s security controls have been compromised by her use of a Gmail account for official business.
Commissioner O’Sullivan told the authority she was happy she had not done anything to compromise security.
“I just want to out on record that I am very conscious of my obligations to protect national security and policing operations and would under no circumstances use any system which would allow them to be compromised,” she said.
“An Garda Síochána has strong security controls on the use and access to Garda IT. Our systems are secure.
“No evidence exists suggesting that have been compromised.”
Authority member Peter Costello asked if the use of Gmail compromised the Garda’s ability to respond to freedom of information requests.
But Mr Nugent said he didn’t see it as being an issue.
He added that if a Garda device was stolen they could take action to ensure the data they contain is not accessible.
Asked if there was a way of monitoring the content of Gmail traffic on Garda devices, Mr Nugent said it was being looked at as part of the current review.
“We will set up everything we can to add layers to our security system.
Earlier, the commissioner told the authority that despite a round of promotions being announced earlier this week there were “critical vacancies” remaining to be filled.
She estimated that at least 14 further senior positions would fall to be filled on foot of compulsory retirements in the first half of next year.
It is thought the most recent round of appointments were the last to be filled without input from the authority.
“We welcome the future engagement of the Policing Authority in the appointment processes and look forward to active engagement in this regard next year,” she said.