AWS Public Sector Blog
Fighting crime with the cloud: Law enforcement + AWS
Amazon Web Services (AWS) is pleased to announce that we recently signed a Criminal Justice Information Services (CJIS) Security Addendum with the California Department of Justice (California DOJ).
We know that security is a top priority for our customers, especially those in law enforcement. To help law enforcement customers comply with FBI standards for criminal justice information (CJI), which includes biometric, identity history, person, organization, property, and case/incident history data, AWS signs CJIS security addenda at both state and local levels. These CJIS security addenda give our law enforcement customers the confidence that their data will pass CJIS-compliance audits and that their data is secure in the cloud.
This signed addendum enables local law enforcement agencies in California to run CJIS workloads in the cloud with assurance that they are compliant with CJIS standards. To enable extremely high security levels for our customers, AWS employs a robust set of security technologies and practices, including encryption and access control features that surpass the capabilities of all other providers. In fact, we have been recognized by top third-party analysts as the leader in cloud security.
Our functionality, security, and ability to quickly sign CJIS agreements demonstrates AWS’s strong commitment to meeting the needs of our justice and public safety customers.
California Department of Justice cloud use case
The California DOJ’s JusticeCloud enables the delivery of cloud services with robust security and faster time to delivery.
To avoid the need for every agency in California to go through the adjudication and audit process with every cloud service provider, the California DOJ has taken the lead on this effort statewide. This includes building service catalogs with cloud service partners so that local law enforcement agencies can access pre-approved architectures and services with a lightweight administrative process. California law enforcement agencies are responsible for architecting their solutions to comply with CJIS, and the California DOJ is establishing ways to assist law enforcement agencies in easily adopting cloud services. CJIS compliance hinges on governance, and this approach simplifies the process for local law enforcement agencies.
“The cloud is an essential part of our strategy to securely deliver innovative digital services to all law enforcement agencies across California. With the CJIS addendum, law enforcement agencies statewide can adopt a cloud-first approach, and benefit from the cloud’s agility, cost savings, and breadth of functionality,” said Adrian Farley, Chief Information Officer, California DOJ.
What makes the AWS Cloud secure?
Security is our top priority, and our cloud infrastructure has been architected to be the most flexible, automated, and secure computing environment available today.
Law enforcement agencies are taking advantage of our rich security automation tools for greater visibility to move faster and meet CJIS security requirements.
Examples of AWS security features include the ability to:
- Encrypt your data in three ways – server side in Amazon S3, store and manage the keys yourself with AWS CloudHSM, or use our one-click AWS Key Management Service (KMS). AWS also integrates key management across many different services and provides a way for you to audit all of the access and actions with your keys in Amazon CloudTrail, our API logging service. No other provider can match these encryption and key management capabilities.
- Manage identity and access management at a very granular level, limiting privileges by individual, time, location, and which API calls they are able to make. We also offer identity federation, easy key rotation, capabilities for temporary credentials, and powerful tools for developing and testing for access policies across your environment. No other provider comes close to the power of our access management system.
- Provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define with Amazon Virtual Private Cloud (VPC). You can then easily record and analyze the details of all network traffic inside your VPC environment as well as network flows coming and going to and from other networks using VPC Flow Logs.
- Design and build security controls and streamline auditing from the start within the Security by Design (SbD) framework. Within SbD we provide specific packages for building workloads in an automated fashion with a Security-Focused Standardized Architecture, and customers can maintain compliance baselines automatically with Inspector and Config Rules.
- Use AWS Direct Connect to establish private connectivity between AWS and your data center, office, or colocation environment.
- Get access to hundreds of tools and features to help you to meet your security objectives such as dedicated hardware, multi-factor authentication, and granular access controls.
- Beyond the AWS platform itself, the AWS partner ecosystem of security-focused partners is by far the largest and most sophisticated in the world. Hundreds of those tools are conveniently available to customers in the AWS Marketplace.
Every state, county, and local agency is different, and with these services and tools, law enforcement agencies can begin leveraging AWS to architect a secure and compliant environment for their data today.
Solve the case for any use case
We work with a wide ecosystem of justice and public safety partners in the AWS Partner Network (APN), including Utility, DoubleHorn, Quicket Solutions, Haystax, Evolver, REAN Cloud, Unisys, Azavea, iCrimeFighter, GovQA, L3Capture.com and more. Our APN partners’ solutions support important law enforcement functions, including digital evidence management.
“BodyWorn™, our Generation 2 body-worn camera, requires a very robust and secure cloud-based storage system,” said Robert McKeeman, CEO of Utility. “Amazon’s cloud-based, CJIS- compliant cloud service makes managing digital video evidence much more flexible and cost-effective for our law enforcement customers. We have a great working relationship with the Amazon team.”
In addition to digital evidence management, our partners also offer solutions for e-discovery, e-citation, secure image management, mobile forensics, crime forecasting, major risk event management, public records management, backup, archival, and disaster recovery.
For more information on partner solutions in justice and public safety, click here.
Helping you achieve your mission
We work with over 2,000 government agencies like City of McKinney, the State of Arizona, National Geospatial Intelligence Agency (NGA), and the US Department of Homeland Security (DHS) on their mission-critical workloads that include sensitive data. Our goal is to help you achieve your mission and have the peace of mind that your data is secure. AWS has the expertise to help you comply and resources that were created with the needs of the law enforcement community in mind.
To learn more about how AWS is serving the justice and public safety community visit: https://aws.amazon.com/stateandlocal/justice-and-public-safety/
Customers can streamline compliance from architecting a solution to preparing for an audit with AWS’s portfolio of compliance guides and programs:
AWS is committed to serving the law enforcement community from the field to the courtroom by helping safeguard data to reduce and prevent crime.