Unconfigured Ad Widget

**Falconis** · 07-15-2012, 1:26 AM

why?

**Tripper** · 07-15-2012, 9:30 PM

Clets to mobile
FBI via DOJ requirement
If your running clets in your mobile you are required to have 2-factor authentication on the MDT
Currently FBI/DOJ classifies an MDT as physically secure, Effective I think July 2013, they dont, therefore requiring 2-factor, leaving actually little time to become compliant.

**nickbackouris** · 07-16-2012, 6:59 AM

I'm a beat cop, and I'm computer savvy, but I have absolutley no clue what you are talking about. Sounds like you should be asking someone in our radio shop or in the tech garage.

**jaysen** · 07-16-2012, 7:24 AM

We use panny CF-29's without any physical authentication cards. I believe everything in ours is virtualized via vpn/sprint air cards... with individual doj assigned neumonics per MDC...

**code33** · 07-16-2012, 10:15 AM

Not yet.
The date is actually September 30, 2013.
Check with your CAD/Mobile software vendor to see which devices are supported.

This is a lot more technical that what your every day street cop needs to know or works on other than in addition to having to enter a password, swiping a finger or another security mechanism will have to be done.

The DOJ CLETS PPP's is mandating two-factor authentication:

Oregon State Police : 404 Page Not Found : State of Oregon

http://www.oregon.gov/OSP/CJIS/docs/CJIS_Security_Policy_Ver5_02092011.pdf?ga=t

Section 5.6.2.2.1 has details.

**Tripper** · 07-16-2012, 11:52 AM

there ya go
thanks code33

**POLICESTATE** · 07-16-2012, 11:57 AM

Robust authentication system, but where is the encryption? I would assume it's all done in some sort of VPN environment?

Originally posted by code33

Not yet.
The date is actually September 30, 2013.
Check with your CAD/Mobile software vendor to see which devices are supported.

This is a lot more technical that what your every day street cop needs to know or works on other than in addition to having to enter a password, swiping a finger or another security mechanism will have to be done.

The DOJ CLETS PPP's is mandating two-factor authentication:

Oregon State Police : 404 Page Not Found : State of Oregon

http://www.oregon.gov/OSP/CJIS/docs/CJIS_Security_Policy_Ver5_02092011.pdf?ga=t

Section 5.6.2.2.1 has details.

**code33** · 07-16-2012, 12:08 PM

Encryption requirements are in another section of the PPP's. Google "DOJ CLETS PPP" to read all about it.

Up until several years ago, CLETS outlined the security requirements in their policy. Then they changed made it a requirement to follow FBI CJIS policy. Easier to do that than to keep on updating what they had, I suppose.

**Tripper** · 07-16-2012, 12:10 PM

code33, who is your MDT vendor
jaysen, your going to need 2-factor
ulitmately, to anyone wondering, in laymens terms, your going to need something physical in addition to a password, a token, smartcard, thumbprint, etc..
2-factor is; what you know (pin/password), combined with what you have (token/smartcard/something physical)

if anyone is currently using 2-factor, I'd like to know who your MDT vendor is, and what 2-factor method you are using, along with the hardware and software being used for that, I'm also interested in anyone using AFIS in the field.

**epilepticninja** · 07-16-2012, 8:42 PM

Back in the day, my only access to CLETS was via a dispatcher...

**socalblue** · 07-16-2012, 9:49 PM

From the folks I have spoken with recently PKI, software based tokens or lastly USB based token seem to be the most attractive.

Very few mobile systems have the proper hardware to support either a smart card or fingerprint reader. A USB based token works for most but one they cost $$, are easily lost/broken.

Software based secondary authentication tokens or PKI certs can be auto pushed/updated on the mobile units as part of normal maintenance.

It would not surprise me to see this requirement pushed of due to local agency budget constraints &/or technical issues with existing mobile equipment.

**Tripper** · 07-16-2012, 9:51 PM

Originally posted by epilepticninja

Back in the day, my only access to CLETS was via a dispatcher...

If only....

**Tripper** · 07-16-2012, 9:53 PM

It wouldn't surprise me for it to be pushed either
It doesn't seem very many agencies are doing it yet

**tyrist** · 07-17-2012, 5:46 AM

Hardware is dell. Software is Northrop Grumman.

Unconfigured Ad Widget

Computer Security

Computer Security

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Calguns.net Statistics

What's Going On