Publications

The CJIS GROUP Publications resource contains reports pertaining to technology in the Criminal Justice, Public Safety, Homeland Security, and Health and Human Services communities. Documents are generally gathered through the public domain and include industry trends, agency surveys, technical standards and models, case studies, white papers, and guides.

Titlesort descending Summary Subject Category Date Published
Challenges in Securing Transit Systems

Testimony of Peter Guerrero, Director, Physical Infrastructure Issues, before the Subcommittee on Housing and Transportation, Committee on Banking, Housing, and Urban Affairs, U.S. Senate, September 18, 2002. The testimony focuses on challenges in securing mass transit systems, steps transit agencies have taken to enhance safety and security, and the federal role in transit safety and security.

Securing Mass Transit Systems Security September 2002
CJIS Compliance on AWS

There is a long and successful track record of AWS customers using the AWS cloud for a wide range of sensitive federal and state government workloads, including Criminal Justice Information (CJI) data. Law enforcement customers (and partners who manage CJI) are taking advantage of AWS services to dramatically improve the security and protection of CJI data, using the advanced security services and features of AWS such as activity logging (AWS CloudTrail), encryption of data in motion and at rest (Amazon S3’s Server-Side Encryption with the option to bring your own key), comprehensive key management and protection (AWS Key Management Service and AWS CloudHSM), along with integrated permission management (IAM federated identity management, multi-factor authentication).

Data Security, CJIS Data Management, Security January 2016
CJIS Compliance on AWS

There is a long and successful track record of AWS customers using the AWS cloud for a wide range of sensitive federal and state government workloads, including Criminal Justice Information (CJI) data. Law enforcement customers (and partners who manage CJI) are taking advantage of AWS services to dramatically improve the security and protection of CJI data, using the advanced security services and features of AWS such as activity logging (AWS CloudTrail), encryption of data in motion and at rest (Amazon S3’s Server-Side Encryption with the option to bring your own key), comprehensive key management and protection (AWS Key Management Service and AWS CloudHSM), along with integrated permission management (IAM federated identity management, multi-factor authentication).
To enable this, AWS complies with Criminal Justice Information Services Division (CJIS) Security Policy requirements where applicable, such as regularly performing background checks on our employees and signing CJIS security addendum agreements with our customers.

Data Security Data Management November 2015
CJIS Data-in-Transit Encryption Standards: How to Address Your Criminal Justice Information Services Security Policy Requirements Effectively
For US law enforcement agencies, complying with the Criminal Justice Information Services Security Policy (CJIS-SP) is an imperative requirement. However, it’s also critical to ensure that the security mechanisms employed don’t in any way impede staff in fulfilling the agencies’ chief charter: fighting crime. This paper examines data-in-transit encryption, which is an important component of CJIS-SP requirements. It offers a number of insights into the approaches that can help organizations address data-in-transit encryption policies most efficiently and effectively—while ensuring that investigators and other users always get reliable, timely access to the information they need to do their jobs.
Data Security, CJIS Security Policy Data Management, Security May 2015
Classified National Security Information Program for State, Local, Tribal and Private Sector Entities Implementing Directive

This directive is issued in accordance with Executive Order 13549, "Classified National Security Information Program for State, Local, Tribal, and Private Sector Entities." Its purpose is to instill uniformity and consistency in the application of security standards for state, local, tribal and private sector entities (SLTPS2) with whom classified information is shared and prescribes the processes and standards for providing access to and safeguarding of such information when shared with SLTPS entities.

Information Sharing Data Management January 2012
Communicating Across State and County Lines: The Piedmont Regional Voice over Internet Protocol Project

To help improve public safety, the City of Danville teamed up with surrounding law enforcement agencies to use Internet technology to bridge the gaps in their communications systems.

Voice over Internet Protocol (VoIP) Systems Communications August 2008
Communities for Government: Boost Your Agency's Performance with Internal & External Collaboration
Created by and for the people, government agencies must be able to collaborate and manage relationships with constituents, volunteers, employees, partner organizations and other agencies.
Regular communication is not just expected; often it is mandated by law. What if you could leverage a single platform for all incoming and outgoing communication, from public notices and announcements, to internal policy changes, constituent surveys and more.
 
Sponsored by CarahSoft
Application Management, Data Security Data Management September 2015
Concept for Operations for Integrated Justice Information Sharing - Version 1.0

This Concept for Operations for Integrated Justice Information Sharing (ConOps) provides a discipline-specific focus for justice information sharing, which in turn can be used to identify and expose broader IT architectural and infrastructure issues that must be addressed by state Chief Information Officers (CIOs).

Information Sharing Assessment/ Needs Analysis Data Management July 2003
Content Encryption: Key Issues to Consider

Encryption of electronic content is an essential best practice, despite the fact that many organizations and individual users do not encrypt email, files stored behind their corporate firewall, files stored in the cloud, and in other venues. However, most IT administrators understand the benefits of encrypting content to protect sensitive or confidential information, to protect their organizations against data breaches, to satisfy regulatory obligations, and to protect against various types of legal liabilities.

It is important for decision makers to understand that encryption is more than simply a defensive strategy to protect against data breaches or to comply with regulations. Organizations that encrypt content can create new business opportunities and create competitive differentiation that can contribute significantly to their bottom line and provide new ways of attracting and keeping customers.

Data Security Data Management October 2015
Creating a Digital-First, Citizen-Centric Engagement Strategy

Public sector agencies know they must go digital to better serve citizens, but oftentimes even their best-laid plans fall short. Digital-first strategies can be hard to implement because government agencies must integrate disconnected technologies to be successful. Verint can help with its Digital First engagement management solution, which combines customer relationship management, Web content management and an enterprise search tool.

Data Sharing, Data Interoperability Data Management March 2016

Pages