Encrypting CJIS Data in virtualized and cloud environments
Preventing and investigating crime is a challenging task and law enforcement personnel rely on timely access to the CJIS criminal justice information systems as a key resource. However, given the sensitive nature of CJIS data, the US Federal Bureau of Investigation (FBI) has created the CJIS Security policy to ensure data remains confidential and is only accessed by authorized users.
The CJIS Security policy includes a set of 12 policy areas which outline strict controls relating to the access or exchange of CJIS data by all Law enforcement agencies as well as their contractors and private agencies. Data encryption is a critical component of the CJIS Security Policy ensuring that data I rendered unusable should it be accessed by unauthorized personal.
As information technology (IT) evolves, Law Enforcement agencies are increasingly embracing virtualization and cloud computing to take advantage of many benefits including deployment flexibility, simplified management and IT costs savings. Understanding that new technology can introduce new risk, the CJIS Security Policy version 5.2 now has includes detailed recommendations around cloud security and privacy controls including critical considerations around cryptographic key management in a cloud environment.
AFORE’s CloudLink® software defined storage encryption and CypherX application encryption solutions enable Law Enforcement agencies and their contractors to embrace the cloud while maintain complete control over data security. Our solutions are designed to enable organizations to protect information in a range of deployment methods including private, hybrid and public cloud all from a single solution that will grow as your business systems evolve.