Keeping Law Enforcement Safe from Cyberthreats
Carrying guns doesn’t protect law enforcement information systems from cyberattacks. Law enforcement needs to control access to databases and make sure data isn’t tampered with in order to carry out investigations and protect officers and witnesses.
In order to secure their data, local and state law enforcement as well as federal agencies should adhere to the Criminal Justice Information Services (CJIS) Security Policy, which outlines recommended security measures.
Policies for Cyberprotection
CJIS recommendations are applicable no matter what information technology architecture your department uses. As a result, the standards and guidelines you put in place will continue to apply even if the underlying infrastructure changes. By layering adherence to these policies on top of your systems, you can continue to achieve security as systems evolve.
There are 13 policy areas that make up the CJIS Security Policy, including everything from security awareness training to physical protection to incident response to access control to mobile devices, and more.
From a technical implementation perspective, some of the most relevant policies are:
- Policy Area 4: Auditing and Accountability
- Policy Area 5: Access Control
- Policy Area 6: Identification and Authentication
- Policy Area 7: Configuration Management
- Policy Area 8: Media Protection
- Policy Area 10: System and Communications Protection & Information Integrity
- Policy Area 13: Mobile Devices
In those seven areas, technology offers solutions for addressing common security weaknesses and vulnerabilities.
Within each policy area, there are multiple steps law enforcement can take to bring their information systems into compliance with the CJIS recommendations. Examples include:
- Auditing and accountability: Monitor applications to track user events and provide indications of tampering.
- Access control: Ensure users are assigned the least amount of privilege necessary to perform their job functions. Limit remote access to authorized staff.
- Identification and authentication: Make sure every user has a unique ID. Ensure user IDs are made inactive when users leave the organization or their job function changes. Use multifactor authentication to enhance the login process.
- Configuration management: Limit the ability to make environmental changes to authorized staff. Have a process to review and approve changes before they are implemented.
- Media protection: Ensure that media holding law enforcement data is stored securely and handled only by authorized individuals.
- System and communications protection & information integrity: Protect your network boundaries by monitoring the flow of data and encrypting it for security. Have a process for ensuring patches are applied and that virus and spam protection is kept up to date.
- Mobile devices: Limit WiFi to areas where mobile access is needed. Implement a bring-your-own-device policy before allowing users to connect with personal devices, and monitor network connections for unauthorized users or devices.
Prescient Solutions works with municipalities to solve all their information technology challenges, including cybersecurity. Download our guide to CJIS to learn more about the things you need to do to secure your law enforcement information systems, or contact us to find out how Prescient Solutions can work with you to keep your critical information technology safe.