Every company that stores data wants to know that data is protected\u2014but some organizations, such as law enforcement and criminal justice agencies, have policies that require proof of much more stringent security measures.\r\n\r\nThat\u2019s why the Criminal Justice Information Services (CJIS) Division of the FBI created the CJIS Security Policy in 1998. It contains minimum requirements for the creation, viewing, modification, transmission, dissemination, storage, and destruction of criminal justice information (CJI). That\u2019s information like biometric data, digital fingerprint records, arrest and stolen property reports, criminal records, and digital evidence such as dashboard and body-worn camera video. As you might suspect, the full details of the security policy are outlined in a hefty document of more than 230 pages.\r\n\r\nAt Wasabi, we take every word of that policy seriously. Wasabi hot storage is a great choice for law enforcement agencies who need primary storage, secondary storage for backup or disaster recovery, and cold storage for data archival (with one low-priced, ultra-fast tier of service). We want agencies that deal with CJI to know that they can use Wasabi to store their most sensitive data in accordance with CJIS Security Policy regulations\u2014all with confidence and peace of mind in knowing that their data is fully protected.\r\nWasabi Receives CJIS ACE Compliance Seal from Third-Party Expert\r\nThe federal government doesn\u2019t issue a formal CJIS Security Policy certification or compliance assessment because it expects individual organizations to ensure their IT systems and practices comply with the policy. However, after a thorough audit, Wasabi storage services were awarded the official CJIS ACE Compliance Seal by Diverse Computing, a trusted third-party law enforcement agency solution provider with deep CJIS audit and compliance expertise.\r\nLayers of Security for Maximum Protection\r\nThe CJIS Security Policy requires law enforcement agencies to ensure that digital information, electronic records, and personally identifiable information are not deleted improperly, corrupted, tampered with, or disclosed to unauthorized individuals. That data must be protected in transit and at rest, throughout its lifecycle, regardless of whether it\u2019s kept on-premises, in a hosted facility or in the cloud. And those security requirements apply to every individual with access to, or who administers, criminal justice services and information\u2014including contractors, private entities, non-criminal justice agency representatives, and cloud service providers, such as Wasabi.\r\n\r\nThe Wasabi cloud storage service is engineered to ensure the protection, privacy, and integrity of customer data. The service is built and managed according to security best practices and standards, with CJIS security guidelines in mind. To meet and exceed those guidelines, Wasabi uses a \u201cdefense in depth\u201d approach to security, with a wide range of best practices and technologies to ensure the physical security of its facilities and to maintain the privacy, security, and integrity of electronic data and digital records.\r\nPhysical Security\r\nThe Wasabi service is hosted in premier Tier IV data center facilities that are highly secure, fully redundant, and certified for SOC-2 and ISO 27001 compliance. Each site is staffed 24\/7\/365 with on-site security personnel to protect against unauthorized entry. Security cameras continuously monitor the entire facility\u2014both indoors and outdoors. Biometric readers and two-factor or greater authentication mechanisms secure access to the building. Each facility is unmarked so as not to draw attention from the outside.\r\nSecure Network Architecture\r\nWasabi employs advanced network security elements, including firewalls and other boundary protection devices to monitor and control communications at internal and external network borders. These border security devices segregate customers and regulate the flow of communications between networks to prevent unauthorized access to Wasabi infrastructure and services.\r\nData Privacy and Security\r\nWasabi supports a comprehensive set of data privacy and security capabilities to prevent unauthorized disclosure of CJI. Strong user authentication features tightly control access to stored data. Access control lists (ACLs) and administratively defined policies selectively grant read\/write and administrative permissions to users, groups of users, and roles.\r\nData Durability and Protection\r\nWasabi provides eleven 9s object durability, protecting data against hardware failures and media errors. In addition, Wasabi supports an optional data immutability capability that prevents data from being deleted or modified by anyone\u2014including Wasabi\u2014and protects data against the most common causes of data loss and tampering including accidental file deletions, viruses and ransomware.\r\nTrue Security Is a Joint Effort\r\nOf course, our customers, including law enforcement agencies, have a responsibility to maintain security protocols, too. The Wasabi storage service is typically employed as part of a larger public or hybrid cloud IT implementation that includes multiple compute, storage and networking components. To ensure CJIS Security Policy compliance, IT personnel at those agencies must ensure the storage management tools and applications they use are configured to take advantage of Wasabi security features.\r\n\r\nWorking together, Wasabi and our customer agencies can ensure the protection, privacy, and integrity of criminal justice information. We are committed to helping agencies comply with the CJIS Security Policy and have secured our physical data centers, infrastructure, and services to meet those policy objectives.