Law Enforcement – CJIS Security Policy

Encrypting CJIS Data in Virtualized and Cloud Environments


Preventing and investigating crime is a challenging task and law enforcement personnel rely on timely access to the CJIS criminal justice information systems as a key resource. However, given the sensitive nature of  CJIS data, the U.S. Federal Bureau of Investigation (FBI) has created the CJIS Security Policy to ensure data remains confidential and is only accessed by authorized users.


The CJIS Security Policy includes a set of 12 policy areas which outline strict controls relating to the access or exchange of CJIS data by all Law enforcement agencies as well as their  contractors and private agencies. Data encryption is a critical component of the CJIS Security Policy ensuring that data is rendered unusable should it be accessed by unauthorized personal.


As information technology (IT) evolves, law enforcement agencies are increasingly embracing virtualization and cloud computing to take advantage of many benefits including deployment flexibility, simplified management and  IT costs savings. Understanding that new technology can introduce new risk, the CJIS Security Policy version 5.2 now includes detailed recommendations around cloud security and privacy controls including critical considerations around cryptographic key management in a cloud environment.


CloudLink SecureVSA software defined storage encryption,CloudLink SecureVM and CloudLink SecureFILE data encryption solutions enable Law Enforcement agencies and their contractors to embrace the cloud while maintain complete control over data security. Our solutions are designed to enable organizations to protect information in a range of deployment methods including private, hybrid and public cloud all from a single solution that will grow as your business systems evolve.