As with other industries, the daily operations of law enforcement and criminal justice organizations rely heavily on obtaining, holding and sharing sensitive data. The FBI’s Criminal Justice Information System (CJIS) is responsible for providing many critical pieces of data that criminal justice organizations and contractors need to conduct business every day – including fingerprint records, sex offender registries and criminal histories.
There are understandably strict regulations and standards for anyone accessing CJIS data and this applies to any cloud application provider or vendor providing products or services related to this data.
The FBI, collectively with other law enforcement officials, published new CJIS standards in order to address how CJIS information is accessed and shared across the country and world. By September 2014 (the extended date), all organizations that access the CJIS database must institute specific standards, including what the FBI calls “Advanced Authentication,” which specifically entails the need for multiple security measures for anyone accessing or administrating CJIS data, even network administrators. Another requirement is to ensure any data moved outside of a secure facility is properly protected at all times.