CJIS Security Policies

CJIS compliance aims at providing appropriate controls to protect the full life cycle of Criminal Justice Information whether at rest or in transit. The CJIS Security policies apply to all the entities with access to, or who operate with FBI CJIS Division's services and information. Mobile Device Manager Plus allows organizations to be compliant with CJIS and protect the data that is being accessed using mobile devices. 

Mobile Device Manager Plus facilitates the implementation of security controls and commands on these mobile devices. It also centrally controls the configurations, application usage, device protection and recovery. 

How does Mobile Device Manager Plus achieve compliance?

The following list of features provided by Mobile Device Manager Plus that allow organizations to be CJIS compliant.

Requirement Requirement Description How Mobile Device Manager Plus achieves it?
5.13.2.1

Ensure that CJI is only transferred between CJI authorized applications and storage areas of the device.

Using the containerization feature available in Mobile Device Manager Plus, admins can create a logical container in the devices which segregates both the corporate and personal apps on the devices.

5.13.2.2 (i) Remote locking of device

Mobile Device Manager Plus allows admin to remotely lock mobile devices that are lost/stolen, to keep the data secure.

5.13.2.2 (ii)

Remote wiping of device

Mobile Device Manager Plus has two types of remote wipe capabilities- corporate and complete wipe. Corporate wipe wipes only the corporate settings and data on the device. Complete wipe wipes all the data available on the devices.
5.13.2.2 (iii)

Setting and locking device configuration

Mobile Device Manager Plus lets the admin remotely configure the devices that are managed. The user will have to comply to all the settings that have been applied to the devices.

5.13.2.2 (iv)

Detection of “rooted” and “jailbroken” devices

Mobile Device Manager Plus has the capability to detect both jailbroken and rooted devices. Additionally, it also automates the removal of rooted devices from management.

5.13.2.2 (vi) Application of mandatory policy settings on the device

The policies applied on the device using Mobile Device Manager Plus cannot be removed by the users.

5.13.2.2 (viii)

Detection of unauthorized software or applications

Mobile Device Manager Plus allows admin to detect any unauthorized apps on the devices and also Blocklist the installation of such apps in the device.

5.13.2.2(ix)

Ability to determine the location of agency controlled devices

Mobile Device Manager Plus can remotely track the location of all the managed devices. In addition to tracking the latest location of the devices, admin can also view the devices' location history.

5.13.2.2(xi) Automatic device wiping after a specified number of failed access attempts

Amongst other available security options, Mobile Device Manager Plus allows admin to determine the maximum number of failed attempts after which the devices will be wiped.obile Device Manager Plus provides an option to specify the number of days for the passcode to be reset.