Select Page

What You Need to Know About Migrating to a CJIS Compliant Cloud

Criminal Justice Information Service (CJIS) is a division of United States Federal Bureau of Investigation. The CJIS was established in February 1992 and has evolved to Version 5.4 as of October 6 2015. FBI created Criminal Justice Information Services Division Security Policy to provide authorized agencies with a security management structure for protecting, accessing Criminal Justice Information (CJI).
This policy is not just a certificate from the FBI but it provides security framework and Foundation that enables government agencies to evaluate their own Procedures, Networks, Service Providers and Cloud Providers.
What You Need to Know About Migrating to a CJIS Compliant Cloud

CJIS policy is developed by the Advisory policy Board which is representation from the association of several organizations that has people representing different states and this policy is enforced by the FBI CJIS division and CJIS assistance agencies in the state.

This Board is made up of representation from Federal government state agencies and Local agencies. Each state has the systems officer and he is the one responsible for ensuring all law in the state and then there is security politician security officer which is responsible for the technical requirements.

First CJIS Contract for the Cloud Storage

In an effort to support California Law enforcement agencies with the FBI’s requirements for secure cloud storage of (CJIS), Amazon Web services (AWS) signed the Criminal justice Information Service Security Addendum with state department to run CJIS workloads in the AWS cloud. This agreement secures the criminal justice data within the cloud Storage. After signing this agreement all the Law enforcement and government agencies will use cloud services for storing, transmitting and processing CJI data. StoneFly provides the Cloud Connect to Amazon AWS Cloud. This is the first Contract of AWS with California State and after that multiple contracts have been made with other states too. Currently these are the states for the CJIS and Cloud Storage agreements

What You Need to Know About Migrating to a CJIS Compliant Cloud

Criminal Justice Information Services stores and maintains the FBI’s vast amount of crime information data and services. It is kind of a home for the most important data sources of law enforcement across the U.S., including the National Crime Information center which is a 24-hour crime information clearinghouse that informs police officers for the warrants and criminal histories.

The following Information is identifiable as Criminal justice information:

  • Biometric Identification Information
  • Background Check Information
  • Registry and Host information available to criminal intelligence analysts
  • House National Finger Prints Information
  • Audio and Videos of the Crime committed
  • Audio and Video Recording of Personal Identifiable information (PII)

CJI also has the the automated finger print identification system and the automated finger print identification system.

Why CJIS is important?

With the Help of Law enforcement-based data sharing there is no risk of data leakage but the point which should be kept in mind is that this pool of information is shared with all the available officers.  Several authorities have experienced a Ransomware attacks but fortunately they were all unsuccessful attempts.

Criminals have interest in Law enforcement Data, In case they get access in police database, they can alter criminal records, gather personal information, distracting police and gaining the complete knowledge based advantage over the criminal enterprises.

Cloud storage requirement for CJIS Compliance

For CJIS compliance data security is the top priority. The data center where the data needs to be stored should be secured and encrypted both in storage and transmission. CJI should never be data-mined or read by the cloud provider. CJI should also be separated physically and logically from other data to prevent unauthorized Access.

Another requirement from the cloud storage provider is that they should retain 99.9% of uptime because of the importance of the information and services.

Recent Posts

What to Consider when Implementing DRaaS for ransomware protection

What to Consider when Implementing DRaaS for ransomware protection

According to Gartner, downtime costs more than $5,600 a minute; therefore, every business needs a reliable means of backup and disaster recovery. Disaster Recovery as a service (DRaaS) provides recovery in the cloud and is a cost-effective and highly efficient...

Downtime Cost: How to Calculate and Minimize it

Downtime Cost: How to Calculate and Minimize it

Downtime is bad for business. When applications, data and services are unavailable, business is disrupted, customers and stakeholders are unhappy, and regulatory authorities fine you. The true cost of unplanned downtime goes beyond lost revenue. How does one calculate...

Disaster Recovery as a Service (DRaaS) or On-Site DR Appliance?

Disaster Recovery as a Service (DRaaS) or On-Site DR Appliance?

Disaster Recovery-as-a-Service (DRaaS) delivers serverless recovery capabilities while disaster recovery (DR) appliances provide the on-prem secondary site that facilitates quick recovery. Which of the two is the best fit for you? Both deployment options have their...

FC SAN vs iSCSI SAN: What’s the Difference?

FC SAN vs iSCSI SAN: What’s the Difference?

Storage area networks (SANs) are a permanent fixture in corporate data centers used to host high-performance block-level structured workloads such as databases, applications, etc. If you’re familiar with SAN systems, then you’ve heard of Fibre Channel (FC) and iSCSI...

You May Also Like

Subscribe To Our Newsletter

Join our mailing list to receive the latest news, updates, and promotions from StoneFly.

Please Confirm your subscription from the email