3 Ways to Meet Upcoming CJIS Authentication Mandates

Thu 25 Jul 2024
Home 9 Identity & Authentication 9 3 Ways to Meet Upcoming CJIS Authentication Mandates

As technology evolves, the need for enhanced security in criminal justice information systems (CJIS) becomes paramount. The CJIS Security Policy 5.9.1 outlines specific requirements for Advanced Authentication (AA) to ensure the protection of CJI. This blog seeks to answer common questions, clarify misunderstandings, and communicate updates regarding these requirements.

The Criminal Justice Information Services Security Policy is a set of guidelines developed by the FBI in collaboration with other government agencies. It ensures secure access to criminal justice information by outlining minimum security requirements.

Advanced Authentication (AA)

Advanced Authentication (AA) refers to a security method that involves multiple factors to verify an individual’s identity. Unlike traditional systems that only require a User ID (UID) and password, AA adds an extra layer of security. This approach, often called “Two-Factor Authentication,” includes:

  1. Something you know: Password or PIN.
  2. Something you have: Smart card or PIN generator.
  3. Something you are: Fingerprint, retina scan, or hand geometry.

This combination ensures that access is granted only after successful verification of multiple factors. All criminal justice agencies that transmit or receive CJI outside of a secure location must implement AA technology. 

Download our CJIS Guide to Identification, Authentication,  & Physical Security here to learn more.

3 Ways to Meet the Upcoming CJIS Mandate Requirements

1. ID card as a “KEY” to access Criminal Justice Information:

Smart cards can be programmed for MFA capabilities and serve as both an ID badge and a security measure.

2. Using Mobile Devices for Multi-Factor Authentication:

Mobile devices with cryptographically protected software tokens provide a flexible and secure authentication method. Pair this with hardware passkeys, such as FEITIAN’s K44 iePass Security Key, for an ever more secure authentication process.

3. Implementing USB Security Keys:

FIDO and PKI-enabled USB security keys offer fast, user-friendly, and secure access to digital and physical resources.

Download our CJIS Guide to Identification, Authentication,  & Physical Security here to learn more.

CJIS Compliance 

Ensuring CJIS compliance requires understanding and implementing the right authentication methods. Agencies must stay informed and adopt solutions that balance security and user convenience. If you need assistance with implementing CJIS MFA requirements, contact sales@ftsafe.us for more information, demos, and samples.

Related Posts

Outsmarting Attackers by Deploying FIDO2 in Education

Outsmarting Attackers by Deploying FIDO2 in Education

In 2023 alone, the educational services sector experienced 1,780 incidents, with 1,537 ...
Enterprise Security

Stay in the know

Join our community of security-conscious individuals and organizations who prioritize safeguarding their sensitive data. Stay informed about the latest advancements in cyber-physical technology and discover how FEITIAN can empower you to take control of your digital security.

"*" indicates required fields

Full Name*
Share This
0
    0
    Your Cart
    Your cart is empty