Technology enhancements for secure access to criminal justice data must be in place within 9 months for all police and law enforcement departments.  According to the FBI CJIS Guidelines, "All mobile/remote devices, including all handheld and small form factor devices such as Personal Digital Assistants (PDAs), purchased after September 30, 2005 shall meet the approved form of data encryption and advanced authentication. All remote clients shall meet this requirement by September 30, 2010".

According to Tom Souza, president of Ohio based Active Networking Inc.,  cities need to be focused on compliance with CJIS and NCIC regulation to assure continued access to Criminal Justice databases.  “Now is the time to line up the 2 Factor Authentication processes your department will use,” Souza said. “Because all security verification methods need to be approved by your state agencies,  postponing conformity may interrupt data availability.”

“With more and more municipalities outfitting officers with mobile data terminals through laptops and hand held devices, authenticating users is paramount for security,” Souza claims. “We provide the solutions to regulatory adherence that meet state and federal requirements.  Customers of Active Networking Inc. and Sundance Systems Inc. will be in total compliance long before the deadline.“

 “Any cities that are unsure of their status should contact their software provider or give us a call at 216-328-8551.”

Information security is a top priority for law enforcement today.  With every technological security advancement comes the challenge for hackers to circumvent it.  Enter 2 Factor Authentication.

 Requiring two methods of authenticating users establishes another layer of access protection.  Commonly referred to as “what you know and what you have”, multiple authentication requires a secure password (what you know) and a physical device (what you have). 

 Dennis Withem, President of Sundance Systems Inc., states “Smart Cards are currently the most reliable 2 Factor Authentication method in law enforcement. Individual cards inserted into mobile laptop readers prompt officers for pin information before logging them into the state data system.

Other methods, such as USB  tokens or biometric scanning are less efficient and more costly,” according to Withem.   

“Tokens rely on the same type of authentication as the Smart Card as they both communicate directly with the departments server, reducing “man in the middle” hacking attacks. However, we found that USB tokens would break off easily when inserted into the laptop,” Withem said.  “Although tokens and cards are comparable in price, repair down time is radically reduced with the use of cards.”

Current biometric identification solutions can be very expensive for police departments to employ.  This type of 2 factor authentication may include fingerprint and iris scanning.

 Sundance Systems has been outfitting their clients with NCIS and CJIS approved smart cards for 2 factor authentication requirements. Withem is attentive to new developments in software security as a critical part of his company’s suite of safety service offerings.  “Our goal is to provide the safest, most secure software applications to law enforcement departments today,” Withem said, “while always keeping on eye on the budget.”