California and Microsoft Sign CJIS Security Policy Agreement

California State flagAs more and more state and local governments are looking to centralize and adopt cloud productivity solutions across their various agencies, including law enforcement, the need to meet unique requirements like the FBI Criminal Justice Information Systems (CJIS) Security Policy become increasingly important. CJIS stands for Criminal Justice Information System. The CJIS Division of the Federal Bureau of Investigation operates systems that provide state, local, and federal law enforcement and criminal justice agencies throughout the United States with access to critical criminal justice information including, personal information such as fingerprint records, criminal histories, and sex offender registrations.

A key requirement law enforcement agencies will place on their cloud service provider is signing the CJIS Security Addendum.  By signing the CJIS Security Addendum, the cloud service provider agrees to comply with the security policies required by the FBI. California Department of Justice (CA DOJ) recently determined that Microsoft Office 365 has implemented technologies and processes that will enable the agencies that use it to meet the latest FBI CJIS Security Policy requirements (CJIS Security Policy version 5.2). This means that government customers in the State of California such as City of San Diego, City of San Jose, City of Oakland, Santa Clara County, and San Mateo County can now have their law enforcement agencies use Office 365 as their cloud productivity solution and comply with CJIS. California becomes the fourth state after Texas, Illinois and New York where Microsoft has signed the CJIS Security addendum.

We are committed to investing in technology, processes and partnerships to win our customers’ trust and help them comply with an evolving set of US and international standards which includes but isn’t limited to ISO 27001, HIPAA, FISMA/FedRAMP, FERPA and EU Model Clauses.

To learn more about Office 365 Security, Compliance and Privacy please see the Office 365 Security, Compliance and Privacy blog. You can also learn more about the California DOJ’s decision by visiting the Microsoft in Government post.