{"id":1555,"date":"2016-08-10T13:00:08","date_gmt":"2016-08-10T17:00:08","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/azuregov\/?p=1555"},"modified":"2016-08-10T13:00:08","modified_gmt":"2016-08-10T17:00:08","slug":"cjis-implementation-how-microsoft-azure-government-is-committed","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/azuregov\/cjis-implementation-how-microsoft-azure-government-is-committed\/","title":{"rendered":"CJIS Implementation: How Microsoft Government is Committed"},"content":{"rendered":"

When it comes to the CJIS Security Policy, Microsoft is committed to providing law enforcement agencies with trusted cloud services that are uniquely equipped and will help meet or exceed their CJIS compliance requirements.<\/span><\/p>\n

The CJIS Security Policy provides a secure framework of laws, standards, and elements of published and vetted policies for accomplishing the mission across the broad spectrum of the criminal justice and noncriminal justice communities.<\/span><\/p>\n

While the CJIS Security Policy is to some extent aligned with NIST 800-53, Rev 4., there are unique CJIS Policy requirements which law enforcement agencies must adhere to. These include:<\/span><\/p>\n

Security Awareness Training:<\/span><\/strong>\u00a0 The Policy requires basic security awareness training be required within six months of initial assignment, and biennially thereafter, for all personnel who have access to Criminal Justice Information (CJI) to include all personnel who have unescorted access to a physically secure location.\u00a0 At Microsoft, we have enhanced our approach to request all employees with potential access to CJI be trained at the highest security awareness training level 4 prior be being assigned to support CJI and contractually commit the training will be done within 30 days rather than six months.<\/span><\/em><\/span><\/p>\n

CJIS Security Addendum:<\/span><\/strong>\u00a0 The Policy requires all private contractors who perform criminal justice functions shall acknowledge, via signing of the CJIS Security Addendum Certification page, and abide by all aspects of the CJIS Security Addendum.\u00a0 At Microsoft, all employees with potential access to CJI have signed the CJIS Security Addendum as well as Microsoft as a corporation, acknowledging the CJIS Security Policy and applicable regulations.<\/span><\/em><\/span><\/p>\n

Personnel Security:<\/span><\/strong>\u00a0 The Policy requires all personnel who have access to unencrypted CJI, including those individuals with only physical or logical access to devices that store, process or transmit unencrypted CJI, meet the minimum fingerprint-based background checks within 30 days of assignment.\u00a0 At Microsoft, all employees with access to encrypted or unencrypted CJI are screened, or in the process of being screened, within 30 days of assignment in the 22 states that Microsoft has attested to meet the applicable CJIS requirements.<\/span><\/em><\/span><\/p>\n

Formal Audits:<\/span><\/strong>\u00a0 The Policy requires formal audits are conducted to ensure compliance with applicable statutes, regulations and policies.\u00a0 At Microsoft, the State CJIS Systems Agencies with an Information Agreement shall be permitted to access the Microsoft facilities, applicable records, and Covered Entity Data, as directly related to the Covered Services.\u00a0 If required, the CSA has the right to conduct on-site audits of the covered cloud services, in accordance with the CJIS Policy, to ensure Microsoft is in compliance.<\/span><\/em><\/span><\/p>\n

In summary, when you\u2019re thinking about CJIS and digital transformation across government priorities, you should be seeking a partner committed to CJIS compliance today and in the future. Microsoft is the innovator committed to compliance!<\/span><\/p>\n

For more information on Microsoft’s CJIS compliance you can go to this <\/span>article<\/span><\/a><\/span>.<\/span><\/p>\n

For additional implementation information, review the Microsoft <\/span>CJIS Implementation Guidelines<\/span><\/a><\/span>. This document provides guidelines and resources to assist criminal justice entities in implementing and utilizing Microsoft Government Cloud features. To stay up to date on all things Azure Government, be sure to subscribe to our <\/span>RSS feed<\/span><\/a><\/span> and to receive emails by clicking \u201cSubscribe by Email!\u201d on the <\/span>Azure Government Blog<\/span><\/a><\/span>.<\/span><\/p>\n

 <\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

When it comes to the CJIS Security Policy, Microsoft is committed to providing law enforcement agencies with trusted cloud services that are uniquely equipped and will help meet or exceed their CJIS compliance requirements. The CJIS Security Policy provides a secure framework of laws, standards, and elements of published and vetted policies for accomplishing the […]<\/p>\n","protected":false},"author":1772,"featured_media":20423,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1,25],"tags":[95,165,189,316,375,502],"class_list":["post-1555","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azuregov","category-portalpreview","tag-azure-government","tag-cjis","tag-compliance","tag-government-cloud","tag-law-enforcement","tag-security"],"acf":[],"blog_post_summary":"

When it comes to the CJIS Security Policy, Microsoft is committed to providing law enforcement agencies with trusted cloud services that are uniquely equipped and will help meet or exceed their CJIS compliance requirements. The CJIS Security Policy provides a secure framework of laws, standards, and elements of published and vetted policies for accomplishing the […]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/posts\/1555","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/users\/1772"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/comments?post=1555"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/posts\/1555\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/media\/20423"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/media?parent=1555"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/categories?post=1555"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/azuregov\/wp-json\/wp\/v2\/tags?post=1555"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}