Government – CJIS
Protecting the Criminal Justice Information System Database – As Required by the FBI
As with other industries, the daily operations of law enforcement and criminal justice organizations rely heavily on obtaining, holding and sharing sensitive data. The FBI’s Criminal Justice Information System (CJIS) is responsible for providing many critical pieces of data that criminal justice organizations and contractors need to conduct business every day – including fingerprint records, sex offender registries and criminal histories.
There are understandably strict regulations and standards for anyone accessing CJIS data and this applies to any cloud application provider or vendor providing products or services related to this data.
New Standards on CJIS Data & Maintaining Compliance
The FBI, collectively with other law enforcement officials, published new CJIS standards in order to address how CJIS information is accessed and shared across the country and world. By September 2014 (the extended date), all organizations that access the CJIS database must institute specific standards, including what the FBI calls “Advanced Authentication”, which specifically entails the need for multiple security measures for anyone accessing or administrating CJIS data, even network administrators. Another requirement is to ensure any data moved outside of a secure facility is properly protected at all times.
While the requirements and process to be compliant may seem daunting, there are solutions available now that can properly encrypt sensitive data and bring vendors into compliance with the CJIS policy. One solution to consider is a Cloud Encryption and Tokenization Platform, which intercepts sensitive data while it is still on-premise, encrypts or replaces it with a random token and protects the data whether at rest, in transit or on the cloud. As the proliferation of the cloud continues, more stringent regulations surrounding sensitive data held in databases and systems such as the CJIS can be expected.
Blue Coat Available on the GSA Schedule
US Federal and State agencies have the ability to purchase Blue Coat solutions via contract #: GS-35F-0311R.
Only Blue Coat Can Deliver
Strongest Available Cloud Data Control – No data is shared in “the clear” outside of your network; data is secured at the field-level control based on user defined tokenization or encryption options. Enterprise retains full control of the token vault and/or the encryption keys securing the data.
Only Solution That Supports FIPS 140-2 Encryption While Preserving Cloud Functionality – To preserve application functionality, all other vendors require the use of their own proprietary weakened encryption within their platform solution. Close analysis of their modules and associated certifications reveals that non-compliant algorithms unavailable in FIPS-mode are required to encrypt sensitive data when an enterprise needs to preserve critical cloud functionality.
Only Solution with 3rd Party Audited Tokenization Solution – Blue Coat enables organizations to use well documented and proven tokenization techniques to protect information as an alternative to encryption. The tokenization technique deployed within the platform – which is especially useful for data residency and data sovereignty requirements – has been audited and validated against relevant industry standards by CoalFire Inc, a PCI DSS QSA and a FedRAMP 3PAO.
Doesn’t Tie Support of Cloud Application Functionality to the use of Specific Encryption Techniques – Enterprises value flexibility because nothing is as certain as change. Only Blue Coatlets enterprises change the underlying data protection techniques used within the platform over time – at their own discretion – as they see fit. All other alternatives in the marketplace require the use of specific, unproven techniques in order to preserve cloud application functionality.