About the Criminal Justice Information Services (CJIS) Security Policy
A joint program of the FBI, State Identification Bureaus and CJIS Systems Agency, the Criminal Justice Information Services (CJIS) Security Policy outlines the security precautions that must be taken to protect sensitive information like fingerprints and criminal backgrounds gathered by local, state and federal criminal justice and law enforcement agencies. This policy contains specific requirements for wireless networking, remote access, encryption, certification of cryptographic modules and minimum key lengths, and much more.
Concerto is the Cloud of Choice for Government Agencies
Understanding the requirements to maintain CJIS compliance for your agency is one thing, but implementing them is another. Organizations can hire IT consultants, build the needed infrastructure, and devote entire teams to CJIS compliance. Or, they can choose a cloud services provider that specializes in providing and managing secure platforms that are CJIS compliant.
Agencies and application partners alike trust Concerto Cloud Services to provide fully-managed infrastructure and cloud platforms that can power mission-critical applications for federal, state, criminal justice and government agencies, all while protecting sensitive information and meeting the specific requirements of CJIS.
Our services include dozens of technical and process checkpoints as well as industry best practices that are specific to these organizations.
Some of the CJIS security requirements include
- Limiting login attempts by a user to prevent unauthorized access
- Event logging for a variety of login activities, including password changes
- Weekly audit reviews
- Active account management moderation
- Session locking after periods of inactivity
- Access restriction based on physical location, job assignment, time of day and network address