CRIMINAL JUSTICE INFORMATION SERVICES (CJIS) COMPLIANT REMOTE SUPPORT

BOMGAR FOR CJIS COMPLIANCE

SECURE REMOTE SUPPORT FOR CJIS COMPLIANCE

In 2011, the Criminal Justice Information Services (CJIS) enacted the

Advanced Authentication provision, a compliance mandate that

set forth minimum security requirements for accessing data within

its system, including personally identifiable information such as

fingerprint records and criminal histories. The policy went into full

effect in September 2013, and now auditors across many states are

cracking down on IT organizations and companies who provide tech

support and services to law enforcement agencies.

Many of these auditors have found that the remote access tools used

to support computers and mobile devices in the field do not meet

CJIS requirements.

Section 5.5.6 of the CJIS Policy states: “The agency shall authorize,

monitor, and control all methods of remote access to the

information system. Remote access is any temporary access to an

agency’s information system by a user (or an information system)

communicating temporarily through an external, non-agency-

controlled network (e.g., the Internet).”

Legacy point-to-point remote access tools (e.g. RDP, VNC) typically

don’t offer the access controls and monitoring features required to

pass a CJIS audit. And cloud-based remote support software (e.g.

Teamviewer, LogMeIn Rescue, Citrix GoToAssist), pass information

through third-party servers undermining access and data control.

Security threats through remote access tools are not unique to law

enforcement agencies. The 2013 Trustwave Global Security Report

by Trustwave Spiderlabs states, “Remote access remained the most

widely used method of infiltration in 2012. Unfortunately for victim

organizations, the front door is still open.”

How can organizations efficiently support law enforcement systems

in the field while maintaining security and CJIS compliance?

BOMGAR’S UNIQUE, APPLIANCE-BASED REMOTE SUPPORT

SOLUTION allows you to remotely access and fix nearly any

system or device, anywhere, while keeping sensitive data and

system access behind your own secure firewall. Bomgar is the

only remote support solution that is FIPS 140-2 Level 2 validated,

which is why it’s used by 45 of the 50 state governments and

12 of the 15 departments of the federal executive branch, as

well as many companies providing software and services to law

enforcement agencies.

BOMGAR COMBINES ROBUST REMOTE SUPPORT CAPABILITIES WITH UNPARALLELED SECURITY MEASURES.

“[The CJIS] mandate was enforced in the state of Texas last year with respect to remote

devices being used to provide technical support,” said Jay Greene, V.P. of Operations

for COPsync. “At the time we were using another solution to provide remote technical

support to our customers. The Texas Department of Public Safety informed us that

solution no longer met the CJIS requirements. We began searching for a more secure

remote support solution, and found that Bomgar met the CJIS requirements and was

FIPS 140-2 Level 2 validated, which were two priorities for us.”

- JAY GREENE, V.P. OPERATIONS, COPSYNC, INC

In its 2013 Global Security Report Trustwave identified Remote Access as the most common method of entry for hackers.

WITH BOMGAR YOU CAN

SUPPORT ALL SYSTEMS AND DEVICES WITH ONE SOLUTION

Bomgar enables you to access and fix nearly any type of remote system or device, including laptops, servers, smartphones and tablets, on or off

the network, no matter where they’re located. With the ability to see and control the screen or view system information, your support reps will

resolve issues more quickly, improving productivity and customer satisfaction. In addition to providing support to any system, Bomgar allows reps

to provide support from nearly any platform, including Windows, Mac and Linux systems, plus iPads, iPhones, and Android devices via Bomgar’s

Mobile Rep Consoles.

IMPROVE CYBERSECURITY AND COMPLIANCE

Bomgar is the only remote support solution that is FIPS 140-2 Level 2

validated, keeping sensitive data behind your own firewall and security

policies. Because it resides within your own environment, Bomgar

enables support for closed networks without compromising security

measures. This allows organizations to meet the CJIS requirement to

authorize, monitor and control all methods of remote support.

• ARCHITECTURE: Centralized, security-hardened appliance never

passes data through a third-party

• AUTHENTICATION: Integrates with existing identity management

and authentication methods, including Smart Cards (CAC/PIV)

• ACCESS CONTROLS: 50+ permissions can be assigned

individually or through group policies

• AUDIT: Full audit trail and video recording of session events

CASE STUDY: BOMGAR USED BY COPSYNC TO SECURELY SUPPORT 500+ LAW ENFORCEMENT AGENCIES AND SCHOOL DISTRICTS

Based in Texas, COPsync, Inc. (OTCQB: COYN) operates the nation’s largest law enforcement real-time, information sharing, communication and data interoperability network. The COPsync mobile application enables officers to efficiently gather information at the point of incident, and immediately share critical data with all officers on the COPsync network. The mobile application also enables officers to receive threat alerts in real-time to the officer’s in-vehicle computer or tablet device from school teachers and others who may be facing a real-time threat.

“[The CJIS] mandate was enforced in the state of Texas last year with respect to remote devices being used to provide technical support,” said Jay Greene, V.P. of Operations for COPsync. “At the time we were using another solution to provide remote technical support to our customers. The Texas Department of Public Safety informed us that solution no longer met the CJIS requirements. We began searching for a more secure remote support solution, and found that Bomgar met the CJIS requirements and was FIPS 140-2 Level 2 validated, which were two priorities for us.”

“COPsync uses Bomgar to support law enforcement officers using Windows desktops and laptops, whether they are in an office or on the road. Many of our support calls require the COPsync customer support team to access the officer’s computer in order to provide timely and efficient customer support. The Bomgar tool makes it easy for the team to access those computers at any time to readily resolve the issue at hand,” said Greene.

“If you are looking for a secure remote support solution that is easy to use, Bomgar is the way to go,” continued Greene. “Since Bomgar meets the applicable compliance standards, that made it the best solution for us.”

SECURELY COLLABORATE WITH VENDORS & CONTRACTORS

With Bomgar’s Embassy feature, support from third parties can be managed at a granular level and fully recorded and audited, providing a secure

alternative to giving vendors and contractors VPN access. Administrators can monitor every click and keystroke a third party rep sends through video

recordings of each and every remote support session.

No other remote support solution is more tailored to meet the needs of law enforcement agencies than Bomgar. With a concurrent licensing

model and load-balanced multi-appliance architecture capable of supporting up to 10,000 reps, Bomgar is the ideal choice for large, geographically

dispersed environments. Bomgar enables you to:

BOMGAR & LAW ENFORCEMENT:A PERFECT FIT

• IMPROVE cybersecurity by closing the door on the #1 attack

pathway for hackers

• SIMPLIFY regulatory compliance using the only remote support

solution that is FIPS 140-2 Level 2 validated

• EXPAND support to mobile devices, including Android, iPhone,

iPad, Windows Phone and BlackBerry

• SAVE time and money by eliminating costly on-site support visits

• REPLACE multiple ineffective remote access tools with a single,

comprehensive solution

• DECREASE call resolution time by collaborating with SMEs or

vendors to solve problems

• STANDARDIZE the authentication process by integrating with

Smart Cards and external directories

©2013 Bomgar, Inc. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property of their respective owners.

C O N T A C T B O M G A R info@bomgar.com I 866.205.3650 (U.S.) I +44 (0) 1628 480 210 (U.K./EMEA) B O M G A R . C O M

CASE STUDY: WILKES COUNTY MAINTAINS CJIS COMPLIANCE WITH BOMGAR

Wilkes County’s IT department supports approximately 400 county employees and 700 computers, servers and other devices located in 17 county sites. Major sites include the sheriff’s office, health department, landfill, animal control and the airport. Before the county implemented Bomgar as its remote support solution, the IT department used Windows built-in freeware tools to provide remote support to users. However, this software was not always effective, and trips to the county sites were often required to assist users.

When a decision was made to roll out laptops to the sheriff department’s patrol unit, finding a new tool for supporting those devices when the sheriff’s staff was out on the road was critical. Wilkes evaluated a number of remote support solutions, including Citrix GoToAssist and LogMeIn Rescue, but it quickly became apparent that Bomgar best met the county’s needs.

“For security reasons, I knew I wanted a remote support solution that was not cloud-based. Having the Bomgar appliance on-premise has proven to be an important feature because the FBI CJIS rules have increased requirements for secure communications,” said Greg Adams, IT systems administrator for Wilkes County. “As our county government continues to grow, I know I have a remote support solution in place that ensures secure, effective remote assistance for our users. The bottom line is that Bomgar just makes my job a whole lot easier.”