The FBI’s Criminal Justice Information Services Division (CJIS) is responsible for maintaining multiple criminal justice information databases and services. From biometric identification tools (NGI) to nationwide criminal history record information, CJIS maintains data that is vital for law enforcement agencies across the nation. But to access the vital resources CJIS offers, and to protect our national security from nefarious actors, it is imperative police departments maintain CJIS compliance.
That can sometimes be easier said than done.
Threats to information and operational technology are constantly evolving, jeopardizing law enforcement’s ability to meet their mission critical operations. To combat these threats, the Advisory Policy Board (APB), through the FBI CJIS Division, regularly updates security requirements for accessing CJIS data. For police departments with limited IT resources, keeping up with updates can be a challenge. This is where Panasonic Connect's Smart Compliance, powered by Eclypsium, comes into play. Smart Compliance is designed to simplify firmware integrity and support CJIS compliance. This solution ensures that police departments can focus on their mission-critical responsibilities without compromising security by monitoring CJIS networks and devices for unauthorized firmware changes and potential security breaches. Choosing the right technology partner is pivotal in maintaining the integrity and security of law enforcement operations.
In December of 2022, CJIS Security Policy (CJISSECPOL) version 5.9.2 added a new section for system requirements. Policy area 5.15 is now dedicated to System and Information Integrity (SI). SI-7 Software, Firmware, and Information Integrity expands security focus beyond hardware and software and into firmware. Specifically, the most updated language calls for:
As of October 2023, these requirements are CJIS auditable and if devices and systems do not meet these requirements, departments risk ongoing sanctions through the APB.
Prior to SI-7, CJIS primarily focused on ensuring software and device security through tools like antivirus/malware scans or more advanced techniques such as Endpoint Detection and Response (EDR) or Endpoint Protection Platform (EPP).
However, the lack of focus on firmware left a significant vulnerability on end-user devices and network appliances. When a device’s firmware is compromised, it poses significant vulnerabilities to CJIS data, including:
SI-7 was added to address these important security issues. However, for many departments, SI-7 poses a challenge as to how to maintain CJIS compliance without a major technology overhaul.
Recognizing that police departments often struggle with limited IT resources, Panasonic Connect's Smart Compliance, offers a robust solution. This advanced system monitors CJIS networks for unauthorized firmware changes, ensuring compliance and continuous data access.
Smart Compliance offers numerous benefits for departments:
Smart Compliance safeguards law enforcement technology so agencies can be confident that their devices are compliant with CJISSECPOL firmware integrity requirements.
To effectively combat firmware threats, it's crucial to understand their primary targets. These threats tend to target one of three areas:
Understanding potential threats is only the beginning. By utilizing the most comprehensive database of firmware definitions, Panasonic’s Smart Compliance compliments existing systems of critical security controls to protect your devices against threats:
Smart Compliance assists in keeping law enforcement agencies CJIS compliant. It also ensures seamless device operation, extends device lifespan for cost savings, and provides insight into product vulnerabilities for smarter IT procurement decisions.
While CJIS security policy 5.9.2 introduced section SI-7, that is not the only update to CJIS compliance requirements that departments need to know. There are additional cybersecurity-focused requirements necessary prior to October 2024. Specifically, the auditable requirement for agencies to employ multi-factor authentication (MFA). CJISSECPOL 5.9.2. states, “Multi-factor authentication requires the use of two or more different factors to achieve authentication. The authentication factors are defined as follows: something you know (e.g., a personal identification number [PIN]), something you have (e.g., a physical authenticator such as a cryptographic private key), or something you are (e.g., a biometric).”
Panasonic TOUGHBOOK® devices come standard with integrated infrared cameras essential for facial recognition. Additionally, TOUGHBOOK devices offer an innovative feature: xPaks (expansion packs) that allow for customization. These xPaks include insertable smartcard readers, contactless HF RFID card readers, and fingerprint scanners (including an Active Directory capable version), ensuring that every device can meet new MFA requirements and remain CJIS compliant.
Police technology, like TOUGHBOOK laptops and tablets, is engineered to be available whenever and wherever mission critical duties require. For this technology to be effective, users must trust that their devices are secure. Ensuring device and CJI security transcends mere CJIS compliance—it's crucial for fulfilling an agency's mission-critical responsibilities effectively.
Panasonic Connect understands this need and equips police departments with the necessary resources to achieve and uphold CJI security across all their devices. Visit our website to learn more about Smart Compliance.