skip navigation

PUBLICATIONS

Register for Latest Research

Stay Informed
Register with NCJRS to receive NCJRS's biweekly e-newsletter JUSTINFO and additional periodic emails from NCJRS and the NCJRS federal sponsors that highlight the latest research published or sponsored by the Office of Justice Programs.

NCJRS Abstract

The document referenced below is part of the NCJRS Virtual Library collection. To conduct further searches of the collection, visit the Virtual Library. See the Obtain Documents page for direction on how to access resources online, via mail, through interlibrary loans, or in a local library.

 

NCJ Number: 230121 Find in a Library
Title: Security, Control & Management: Mobile Data in a Multi-Agency/Jurisdiction Environment
Journal: Law Enforcement Technology  Volume:37  Issue:2  Dated:February 2010  Pages:72.74-76
Author(s): Patrick Tabourin
Date Published: February 2010
Page Count: 4
Publisher: http://www.cygnusb2b.com 
Type: Guideline
Format: Article
Language: English
Country: United States of America
Annotation: This article discusses what public safety agencies must do to meet various legal and regulatory security compliance rules regarding wireless access to data.
Abstract: The most prominent example of security compliance rules is the FBI’s CJIS (Criminal Justice Information Services) Security Policy. The policy applies to any agency that requires access to the FBI's criminal justice information database, whether at the international, Federal, State, or local level. It provides the minimum level of information technology (IT) security requirements determined acceptable for the transmission, processing, and storage of criminal justice data. This article describes the security mechanisms agencies must put into place in order to be compliant with these security requirements. One security requirement is VPN software, preferably a mobile VPN that secures any communication to and from a nonsecure location. In addition, all data must be sent over the air encrypted. Further, user authentication is required to validate mobile users attempting to log onto the network. There must also be an additional two-factor security methodology for validating user identity. In addition to the aforementioned general security requirements, agencies must ensure that CJIS-related data are sent on a separate VLAN from the one sent for other agencies. Similarly, administrators without the credentials to access CJIS information should not be able to manage these areas. The article also outlines the security requirements when multiple groups share the common system and are potentially subject to other rules. The article concludes with descriptions of policy management capabilities within mobile VPN, which are the key for agencies to better control and manage their mobile data environment. These capabilities include high-level routing policies, group policy management, and user-specific rules.
Main Term(s): Police policies and procedures
Index Term(s): Federal Bureau of Investigation (FBI); Federal regulations; Information dissemination; Information processing; Information Security; Police information systems; Regional information sharing systems; Regulations compliance
To cite this abstract, use the following link:
http://www.ncjrs.gov/App/publications/abstract.aspx?ID=252153

*A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's website is provided. Tell us how you use the NCJRS Library and Abstracts Database - send us your feedback.