SecureAuth IEP
Meets CJIS Requirements

SecureAuth IEP 2-factor Authentication Approved by FBI ISO to Protect Access to Criminal Justice Information System for the State of New Hampshire

The FBI established the Criminal Justice Information Services (CJIS) Division to serve as the focal point and central repository for criminal justice information services within the FBI. The CJIS database, available to all authorized local, state, and federal law enforcement and criminal justice agencies, is the world's largest repository of criminal fingerprints and history records. The CJIS Division Authentication Office is responsible for making the access process to the CJIS Division Services & Systems as secure and effortless as possible. Recent revisions to the CJIS Information Security Policy mandate that all multifactor authentication solutions that will be used by any of the state and local agencies must be approved by the state ISO and forwarded to the FBI ISO, George White, for final approval. Upon final approval of the revised mandate, agencies will need to implement FBI approved access to the CJIS database by January, 2011.

Secure, Simple 2-factor Authentication for CJIS Database Access

SecureAuth is an Identity Enforcement Platform (IEP) that secures and simplifies access to every cloud, VPN, and web resource from the office, or remotely from mobile devices with integrated Authentication, SSO, and IdM Services. A turnkey solution, SecureAuth is the only tokenless, non-phishable authentication solution for applications and database access that mutually authenticates both the user and the server in an easy to deploy manner. For maximum security, all credentials are securely stored on-premise in CJIS’s directory. SecureAuth acts as an identity provider and controls usernames, level of authentication and other information used to identify, authenticate and authorize users. A user attempts to logon to the CJIS database and the authentication request is automatically redirected to SecureAuth. SecureAuth parses the request, authenticates the user to the CJIS’s directory and generates the appropriate response for verification. Once verified, the user is automatically logged on to the CJIS database.

SecureAuth Highlights for CJIS

• Approved by FBI ISO and can be fully implemented within days, not weeks or months.
• 2-factor authentication options (Certificate, SMS, Telephony, Username/Password) are configurable to map the right level of authentication to meet each agencies requirements.
• No APIs or modifications to applications required.
• Turnkey solution for CJIS database access delivers an algorithmically proven authentication method that thwarts man-in-the-middle phishing attacks.
• Audit Trial of all user logons provides history of all activity.
• User friendly self-registration and automated certificate distribution reduces administrative overhead and help desk calls
• Integrates with CJIS existing data store so the identity used for authentication is the same that is utilized by the application for processing, permissions and role management.
• No tokens, data servers or additional infrastructure investment required.
• Optional SSO can be easily configured to create transparent user access.

SecureAuth 2-factor authentication for secure access to the CJIS database is one of many functions of the SecureAuth Identity Enforcement Platform which provides Identity Enforcement plus SSO, access and user management services in a single solution.