fbpx

CRIMINAL JUSTICE INFORMATION SERVICES

CJIS (Criminal Justice Information Services)

Many organizations are struggling with how to work towards and maintain CJIS cybersecurity compliance.

First Call Computers Solutions has worked for many years in highly regulated industries across Montana like banking, credit unions and Department of Defense manufacturing.

First Call has the people, processes and tools to help organizations align with the needed controls.

cRIMINAL JUSTICE INFORMATION SERVICES

NIST
CYBERSECURITY FRAMEWORK

NIST is First Call’s “guiding light” for cybersecurity compliance.
This same framework is CJIS’s “guiding light”. NIST stands for the National Institute of Standards and Technology.

The NIST cyber security framework:

  1. Identify: assets
  2. Protect: assets
  3. Detect: incidents
  4. Respond: incidents
  5. Recover: incidents

In addition to NIST, Criminal Justice Information Services organizations require additional, specific security controls both for people inside and outside their organization who operate in or access criminal justice services or information.

Montana Operations Manual (MOM)

MOM, provided by the State of Montana outlines, 20 baseline security controls which are ALSO based off the NIST Cybersecurity Framework. Said differently, focus on NIST, and make MOM happy. (so many acronyms).

Compliance

First Call works with the agency and the CJIS’s Information Security Officer to achieve and maintain compliance. First Call provides a virtual Chief Information Security Officer (vCISO) giving our CJIS clients the high level person they need to guide and steer them. First Call also provides ongoing security auditing services so that the gaps are clear, closed and maintained proactively.

Audits

In the event of audits: (FBI or CSA) First Call is the main technical point of contact, completing any pre-audit questionnaires and is physically available for the onsite audit and to review/explain any audit follow up recommendations.

SECURITY
AWARENESS TRAINING

First Call is providing general security awareness training as part of its standardized services.

All personnel must also be formally trained on the rules, responsibilities and behavior around usage of CJIS.

INCIDENT RESPONSE

The FBI and the State have provided incident response guides and procedures that must be followed in the event of an incident.  First Call also has robust incident response management experience spanning multiple industries.

.

EVENT LOGGING

Proper event logging is put in place so that evidence requirements are met both for the types of logs and the length of retention.

ACCESS CONTROLS

Access control requirements including MFA are critically important to CJI security and compliance.  First Call has a complete team to help implement and maintain these solutions.

CONFIGURATION MANAGEMENT

 Network Diagrams, secured storage of network documentation and access controls are all provided to meet this requirement as part of NIST compliance

MEDIA PROTECTION

First Call provides regulatory compliance certificates for any media or storage services provided and certificates of destruction for records on disposal of physical media containing CJI.

PHYSICAL PROTECTION 

First Call can work with your facilities team and a variety of 3rd party vendors and systems to help organizations align their buildings, rooms, policies and work flow.

SYSTEMS & COMMUNICATIONS PROTECTION & INFORMATION INTEGRITY

This is the most importany and deepest, widest portion of the CJIS effort from an IT Standpoint. Many technologies and considerations have to be considered from local IT, cloud, VOIP etc

PERSONNEL SECURITY

First Call does the screening requirements of its own staff before granting access

First Call can help establish the policies and procedures needed for their own staff and contractors/vendors for CJIS compliance and records.

MOBILE DEVICES

CJIS has established comprehensive polices that apply to all mobile devices to help organizations establish the required controls.

Request time to meet with a First Call vCISO (virtual Chief Information Security Officer) to discuss your needs, progress and ways we can help you through this journey of protecting criminal justice information.

CONTACT FIRST CALL

CHOOSE THE BETTER WAY

GET CONNECTED

NEED SUPPORT?

FOR SALES
Sales@firstsolution.com | 406.721.6462


FOR SERVICE

HelpDesk@firstsolution.com | 406.540.1969


FOR WEB SERVICES
WebHelp@firstsolution.com | 406.540.1969