Government Security News April May 2015

More documents

Recommendations

Info

Personal information in the cloud needs to be better secured Continued from page 8 of building analytics, data mining, advertising, or improving the services provided.” Of course, read literally this might prohibit even clearly appropriate security-oriented metadata analysis, but we are certain this is not what was intended. Such a reading would not be consistent with the FBI’s constructive, operational approach. Other elements of the new ISO 27018 standard are also reflected in the cybersecurity whitepaper included in the CJIS policy. This paper offers law enforcement a list of CJIS compliance areas that need to be addressed as part of a cloud deployment and recommendations to address security and data privacy issues. These recommendations, like the ISO standards, cover a host of areas , including governance, compliance, trust, identity and access management, data protection, availability, and incident response. Moving forward, it seems very likely that the FBI’s CJIS cloud data storage policy will be harmonized with the new ISO 27018 standards. This FBI policy is a pragmatic and forward-looking approach to cloud computing which minimizes technological mandates and affords flexibility to individual law enforcement organizations. The ISO 27018 standard is consistent with that mandate inasmuch as it tells customer organizations Paul Rosenzweig that the cloud service providers they use will protect their users PII and will be transparent about how they handle this PII - including geo location and the ban on advertising or commercial use. The ISO self-certification process provides cloud service providers with a benchmark certification that they can present to potential law enforcement customers as evidence of their ability to comply with CJIS requirements. Indeed, one can (and should) envision a CJISspecific annex under which cloud service providers supplement their ISO 27018 certification with a CJIS-compliant supplemental certification. In short, the alphabet soup of CJIS, PII and ISO in the end spell out a simple message: secure, confidential cloud storage of criminal justice information. And that is an easy text to understand. Paul Rosenzweig is a senior adviser to The Chertoff Group, a global security advisory firm that advises clients on information security, including cloud computing, and former Deputy Assistant Secretary for Policy at the U.S. Department of Homeland Security. 46
2015 Airport/Seaport/Border Security Awards Deadline for Entries Extended to May 22 Government Security News would like to take this opportunity to invite all Technology Vendors, Airport, Seaport and Border Security Officers, Executives and Security Teams to visit the GSN 2015 Awards website at www.asbsecurityawards.com, review the 37 updated entry categories, and if you find one or more of them that fits your company or agency, go for the gold! And we mean that literally, because all winners will receive a handsome, gold-trimmed plaque that you can post in your office or other prominent position, and all Winners and Finalists will be invited to post their winning entries and additional information in our 2015 Yearbook of Airport, Seaport, Border Security Awards Recipients. It’s great publicity and exposure in GSN, which is sure to be further enhanced by Google and the other Search engines and Social Media. Check out the new categories for 2015 and be sure to look through our 2014 Yearbook of Airport, Seaport, Border Security Awards at: http://www.gsnmagazine.com/2014ASBSecurityYearbook 47
Page 1 and 2: Government Security News APRIL/MAY
Page 3 and 4: NEWS AND FEATURES DOT Secretary Fox
Page 6 and 7: Partner Alliance for Safer Schools
Page 8 and 9: The vast amount of personal informa
Page 10 and 11: What vulnerabilities are lurking in
Page 12 and 13: Communication: Use tweets and texts
Page 15 and 16: A quiet revolution in biometrics fr
Page 17 and 18: Video Surveillance/Analytics/Video
Page 19 and 20: -based analytics at ISC West terns
Page 21 and 22: DarkFighter Network Camera Conventi
Page 23 and 24: Rigid Strength No other Pole can ma
Page 25 and 26: costs—by 50 percent, on average.
Page 27 and 28: it’s garnered from the community.
Page 29 and 30: Employing a high degree of image pr
Page 31 and 32: Dateline Phoenix: Dispatches from 2
Page 33 and 34: MIR Systems unveils mobile incident
Page 35 and 36: activity. In addition, federal bord
Page 37 and 38: Rugged HD video surveillance camera
Page 39 and 40: steadfastness and courage, her stor
Page 41 and 42: to DEA Administrator Michele Leonha
Page 43 and 44: hancement Filter allows officials t
Page 45: say they will work closely with sch
Page 49 and 50: AXIS introduces new launches-and ne
Page 51 and 52: at the World Trade Center and the N
Page 53 and 54: The News Leader in Physical, IT and

Government Security News April May 2015

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?