The CJIS Security Policy, FBI Databases, and Communication

The CJIS Security Policy, FBI Databases, and Communication

The Criminal Justice Information Services Security Policy or CJIS for short is a security management policy administered by the Federal Bureau of Investigation or FBI that contains “information security requirements, guidelines, and agreements reflecting the will of law enforcement and criminal justice agencies for protecting the sources, transmission, storage, and generation of Criminal Justice Information (CJI)”. The purpose of the CJIS Security Policy was to protect the full lifecycle of Criminal Justice Information or CJI, whether this information is at rest or is in transit. To this point, the CJIS Security Policy also “provides guidance for the creation, viewing, modification, transmission, dissemination, storage, and destruction of CJI”.

What is CJIS Network compliance and why is it important?

As the CJIS is a division of the FBI, the division oversees and operates a number of different law enforcement databases. As such, law enforcement agencies around the country depend on the information that is collected and contained within these databases to perform their daily functions. Some of the databases contained within CJIS include the following:

As the information that is contained within the databases of the CJIS is so pivotal to the operations and functions of so many law enforcement agencies around the countries, the CJIS Security Policy is a means by which the FBI can ensure that this information is protected and safeguarded at all times. To this end, the CJIS Security Policy “contains thirteen separate policy and technical requirements covering numerous topics”. Some of the policy topics include policy and contractual requirements, as well as security awareness training, among a bevy of others. Alternatively, some of the technical topics include the “deployment of encryption to protect data in transit”, as well as the establishment of user access controls for the purposes of restricting users.

What are the compliance requirements for the CJIS Security Policy?

The thirteen requirements for CJIS Security Policy compliance are as follows:

As the sharing of information has been pivotal to the development of civilizations throughout human history, databases such as the CJIS represent the technological equivalent of the various information networks that have been used in the past. As such, CJIS network compliance is a means by which the FBI can ensure that all CJIS data that is accessed by law enforcement agencies or related entities or organizations is protected from unauthorized use or harm at all times. By following the thirteen requirements stated above, law enforcement can ensure that they do not violate the confidentiality and integrity of CJIS data when performing their various functions and duties.

Related Reads