SLED Certification of 3rd Party NCIC Application Software

Slides:

Advertisements

Similar presentations

Historically Underutilized Business Program Texas Department of Insurance Special Deputy Receiver Program January 2008.

Advertisements

IPv6 Deployment CANTO Nate Davis, Chief Operating Officer 13 August 2014.

Jennifer Hlad, LEDS & OUCR Trainer LASO 101 – 2013 OREGON STATE POLICE LAW ENFORCEMENT DATA SYSTEMS CRIMINAL JUSTICE INFORMATION SERVICES DIVISION.

How To Prepare For A CJIS Audit

Meraki Mobile Device Management

ARE YOU SURFING WITHOUT A LIFE JACKET? LOOKING AT THE PROS AND CONS OF WEB BASED SOFTWARE Karen Burkhardt, Mobilitat Software.

INDIVIDUAL MARKET PAYMENT AND ARREARS Assistance Network Program Development.

Network security policy: best practices

1 NTC/TCS Training Dallas 2010 TWO Set-ups Wired and Wireless.

SNIA/SSIF KMIP Interoperability Proposal. What is the proposal? Host a KMIP interoperability program which includes: – Publishing a set of interoperability.

RI Telecommunications Education Access Fund (RITEAF) RI Department of Education June 12, 2015.

1 Amendment 10 People First Overview June 12, 2008.

Presentation to the Oversight Board Santa Clara County Auditor-Controller 1.

PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.

Module 9: Designing Network Access Protection. Scenarios for Implementing NAP Verifying the health of: Roaming laptops Desktop computers Visiting laptops.

Planning Retreat 2009 Personnel Office Re-cap of Goals for

1 MTAC eVS®/PTS User Group Thursday November 10, 2011.

Louisiana Library Connection Network Update November 2004.

When Can You Redact Information Without Requesting an Attorney General Decision? Karen Hattaway Assistant Attorney General Open Records Division Views.

National Model Scanning Tour “Communications”. The Iowa Department of Public Safety administers a trusted statewide network of servers, PCs, service.

State Purchasing – DTS SOLICITATION AND CONTRACTS PROCESS Background and Highlights 3/17/16 Complement to the State Purchasing – DTS Solicitation and Contracts.

Avoiding Unauthorized Purchases An unauthorized purchase is a purchase committing agency funds without prior approval. Training provided by Texas Juvenile.

Technical Assistance Session for Fiscal Year May 23 and 24, 2016.

Non-Criminal Justice Agency User Agreement

State of Utah Small Package Delivery Services States Kickoff Webinar

Training for Supervisors and Designees

DOL Employee Benefit Plan Audits & How to Prepare

Invoicing 2016 E-rate Program Applicant Training

Monthly Compliance Training

It’s all in the contract…

Distributed Asset Management Making The Business Case

E-RATE PROGRAM APPLICATION PROCESS, PART 2

Network Layer Security Update

Instructor Materials Chapter 9: Testing and Troubleshooting

After the FCC Form 471 E-rate Program Applicant Training

Privacy & Confidentiality

Board of County Commissioners

Texas Law Enforcement Best Practices Mid Year Training Conference

Step 3: Legally Binding agreements and contracts

Department of Buildings

Financial Affairs Training

Get 2018 Best Cisco Actual Test Preparation Solutions For Guaranteed Success Dumps

Nibrs Transition Presenter: Regina Chacon, Business Owner,

IT Development Initiative: Status and Next Steps

DEPARTMENT OF PUBLIC SAFETY – Forensic Laboratory

© 2017 Universal Service Administrative Co.

Curricular Practical Training (CPT) Tutorial

TWO Set-ups Wired and Wireless.

E-Rate 101: Overview of the Program

Worksite Enforcement Elise A. Fialkowski, Esq..

Air-Cooled Chillers (ACCL) and Water-Cooled Chillers (WCCL) Certification Program Update 2018.

CJIS-Central Repository

Chris Ince ISO Lead Auditor Security Risk Management Ltd

Process Overview for Service Providers

FINISHING FUNDING YEAR (FY) 2017 AND WORKING ON FY2018

Presentation Informational February, 2001 The RealEC Exchange.

E-Rate 101: Overview of the Program

Fingerprint Based Criminal History Records

Texas Law Enforcement Best Practices 2017 – Raising the Bar!

Back to the New Basics Schools and Libraries Division

Introduction to E-rate

Care Provider Background Screening Clearinghouse

Topic 12: Virtual Private Networks

2019 Service Provider Training

Florida’s New Guardianship Assistance Program

Recognized Obligation Payment Schedule (ROPS) Certification Process

WORKING ON FUNDING YEAR (FY) 2019

General Services Department State Purchasing Division

Nibrs Transition Presenters: Regina Chacon, Business Owner,

Presentation transcript:

SLED Certification of 3rd Party NCIC Application Software Tom Rupsis, SLED January 2004

Agenda Why Certification? SLED-Vendor Participation Agreement Certification Program Timeline Vendor Obligations Certification Levels Requirements for Compliance Certification Process

Agency expectations for SLED guidance Equal opportunity to all vendors Why Certification? Agency expectations for SLED guidance Equal opportunity to all vendors FBI/CJIS security requirements Helpdesk support Training options Timely updates of vendor software Anything not under the direct control of a criminal justice agency is considered to be “public”. This includes any county or city network on which law enforcement PCs are located. This also includes the “cloud” – the public network maintained by the telecommunications carriers (such as Sprint or BellSouth). All NCIC data must be encrypted when exposed to any “public” network. The agency may have to encrypt from its router to the desktop if those PCs are on non-dedicated networks.

SLED-Vendor Participation Agreement Between SLED and the vendor Effective immediately – all vendors Vendor must agree to certification FBI Security Addendum Fingerprint-based background checks No agreement = No SLED approval of new customers or connections SLED modem policy is more stringent than FBI CJIS. No dial-in is allowed to modems attached to PCs. Dial-in is allowed if agency uses modem pools (RAS) located outside of the perimeter firewall. Modems attached to other network devices, used for service and support, are allowed but must remain disconnected when not in use.

Certification Program Timeline Phased in over next 18 months New Vendors Must certify immediately SLED will not approve any connections Existing Vendors Must certify by June 30, 2005 No new connections approved after deadline

Vendor Obligations Letter of Certification No marketing reference to SLED w/o letter Certification withdrawn if vendor defaults No Certification = No contract renewals No Certification = No new customers

Certification Levels Two levels: Inquiry-only & Full Function SLED provides list of most commonly used transaction codes Vendor must meet minimum set Vendor may extend to meet business opportunities

Requirements for Compliance Must pass transaction tests Response times meet NCIC specs Helpdesk Inquiry Only : staffed 8 x 5 Full Function : staffed 24 x 7 Training options made available Notify SLED for new or deleted customers

Requirements for Compliance (con’t) Re-certify minor changes within 60 days Re-certify major changes within 180 days FBI Security Addendum on file Employee background checks on file Reimbursement (if any) paid up

Requirements for Compliance (con’t) Encryption Direct Workstation Software – Cisco VPN Foreign Hosts Must encrypt from server to desktop Should use Cisco VPN from server to SLED If unable to use Cisco, SLED approved alternative must be used

Certification Process

Questions? See www.sled.state.sc.us Certification Overview Current Vendor Certification Status Vendor Participation Agreement Vendor Certification Request Form FBI Security Addendum