HOW WE MEET CJIS COMPLIANCE

CJIS Solutions offers a binding corporate contract between CJIS Solutions and the agency or vendor. They commit CJIS Solutions to the business relationship, CJIS Security Policy, and IACP Guiding Principles on Cloud Computing.

The Client agency or vendor will receive CJIS Security Addendums for CJIS Solutions and it’s staff.

Ever wonder where your data is? Well not any more! As required by the CJIS Policy, you ALWAYS have access to your data, logically AND Physically. There’s no secret as to where it’s housed, simply let us know and we’ll walk you right up to your environment.

Every member of CJIS Solutions who has physical and/or logical access to client data has been Fingerprinted and background checked. Copies of fingerprints are available upon request to client agencies.

The CJIS Security Policy requires training every 2 years however because of the frequency of changes, CJIS Solutions staff conducts CJIS Training annually.

Everything in the CJIS Solutions cloud is encrypted with FIPS 140-2 standards. This includes, but not limited to: cloud compute, cloud storage, backup fabrics, VPN and connectivity when required.

CJIS Solutions uses only the latest patches, firmware, operating systems, and technologies to ensure that vulnerabilities are addressed immediately. This includes, but not limited to: cutting edge hardware, intrusion prevention, virtualization technology, firewalls, storage, servers, and so on.

ALL CJIS Solutions Staff accesses the cloud environment with a 2 Factor Authenticated FIPS 140-2 VPN tunnel.

All access to CJIS Solutions’ areas (Non-client owned) by staff and clients is logged and kept for 2 years, a full year longer than the policy requires.

Hardened, Certified Tier 3 Uptime facilities that exceed SSAE 16 standards. Throw in CJIS Solutions custom physical and logical security measures and our restricted access is unsurpassed.