Using Microsegmentation to Strengthen CJIS Compliance in State & Local Government

Microsegmentation is a critical security strategy for state and local law enforcement agencies aiming to comply with the FBI’s Criminal Justice Information Services (CJIS) Security Policy. This policy mandates strict security, encryption, and access controls for protecting sensitive Criminal Justice Information (CJI).

The security policy ensures that law enforcement agencies and their partners securely manage biometric, biographical, and case data throughout its lifecycle. Microsegmentation helps meet stringent requirements for controlling access to Criminal Justice Information (CJI) by breaking networks into small, secure zones to restrict lateral movement of threats. Key aspects of microsegmentation for CJIS compliance include limiting “east-west” movement between systems; implementing Zero Trust architectures; and automating the classification of protected assets and creating dynamic security policies.

Learning Objectives:

• Understand the connection between microsegmentation and zero trust architecture in protecting and monitoring “need-to-know” access to CJI
• Evaluate how automated policy generation protects both compliance and operational stability
• Define the role of microsegmentation in protecting high-value assets, such as database servers containing sensitive information such as biographic, biometric, or case report data