FBI declares cloud vendors must meet CJIS security rules

FBI declares cloud vendors must meet CJIS security rules

February 8, 2012
Cyber Security, FedCyber Wire, Requirements
No Comment

The FBI Tuesday reaffirmed its rule that all cloud products sold to to U.S. law enforcement agencies must comply with the FBI’s Criminal Justice Information Systems (CJIS) security requirements.

While the nation’s top law enforcement agency concedes that some vendors may have a tough time meeting those requirements, it insisted that there would be no compromising on security.

“The FBI remains committed to using technology in its information-sharing processes, but not at the sacrifice of the security of the information with which it has been entrusted,” Stephen Fischer Jr., a spokesman for the FBI’s CJIS division said today in an email to Computerworld.

Fischer’s comments come less than two months after the Los Angeles Police Department canceled a planned migration to Google Apps because it said the cloud service was not compliant with CJIS security requirements.

At the time, two city officials noted that U.S. Department of Justice requirements for the CJIS are not currently compatible with cloud computing.

Google has also maintained that CJIS requirements are incompatible with cloud computing and therefore present a unique challenge to any cloud vendor.

via NetworkWorld, continued here.