Authentication As Mandated By FBI’s CJIS Policy

Little Chute, WI

Entrust Inc. and Heartland Business Systems have entered into an agreement.

Entrust Inc. and Heartland Business Systems have entered into an agreement that allows Heartland Business Systems to offer an authentication service for law enforcement agencies that’s designed to aid in their compliance with FBI security and authentication requirements outlined in the Criminal Justice Information Security (CJIS) Policy. The Wisconsin-based company will leverage Entrust’s comprehensive authentication framework to provide subscription-based authentication services to users accessing the FBI’s CJIS database.

“Entrust has a long, successful history with law enforcement agencies in the deployment of identity-based security for authentication, encryption and credentialing,” said Entrust President and CEO Bill Conner. “Our partnership with Heartland Business Systems is a critical step that will enable these agencies to easily and cost-effectively comply with the FBI’s CJIS policy — all via a single security management framework.”

Entrust and Heartland Business Systems collaborated on the design and implementation of the turn-key authentication solution that addresses specific CJIS policy requirements for authorized access to sensitive information from non-secure locations (e.g., police cruiser).

Powered by the Entrust IdentityGuard software authentication platform, an authorized end-user, agent or officer may securely verify their identity via any supported authenticator when accessing the CJIS database from locations deemed unsecure. Entrust provides a range of authorized authentication options, allowing an organization to choose the right authenticator for their unique user requirements.

“Our partnership with Entrust will help provide law enforcement agencies with the proper security capabilities to authenticate user identities and safeguard sensitive information about citizens, ongoing cases, evidence and more,” said Heartland Business Systems Principal Peter Helander.

Enacted in January 2011, the 127-page CJIS mandate outlines the security requirements for agencies exchanging, collaborating or transmitting data, sensitive material or personal information with the FBI. All law enforcement departments or agencies that require access to the CJIS database must comply with the FBI’s policy by September 30, 2013.

In detail, the CJIS policy requires law enforcement agencies to deploy advanced authentication to verify the identities of officers or individuals — whether from law enforcement, municipalities, courts, etc. — accessing the CJIS database from non-secure locations. Advanced authentication, as defined by the CJIS policy, can be achieved via biometric systems, user-based public key infrastructure (PKI), smartcards, software tokens, hardware tokens, or even innovative risk-based authentication solutions.

At the core of this relationship, Entrust’s comprehensive management framework serves as an organization’s single software-based security platform that bridges emerging technologies for strong mobility, cloud and smart credentialing offerings. By seamlessly integrating co-deployment measures, federation security, advanced APIs and self-service management tools, Entrust strengthens security, maximizes staff efficiency and reduces overall costs.

“By leveraging a proven authentication and security framework, these agencies will be better positioned to maximize their investments via a future-proof platform that evolves as policy changes, threats adapt and budgets are adjusted,” said Conner.

This specific approach is powered by Entrust's flagship authentication solution, Entrust IdentityGuard, which continues to lead the industry as one of the most robust software authentication platforms, providing an unmatched breadth of capabilities and flexibility to address the most demanding security environments.

The solution enables organizations to layer security — according to access requirements or the risk of a given transaction — across diverse users and applications. Entrust's diverse set of authentication capabilities include smartcards and USB tokens, soft tokens, grid cards and eGrids, IP-geolocation, questions and answers, mobile smart credentials, out-of-band one-time passcodes (delivered via voice, SMS or email), out-of-band transaction verification and a range of one-time-passcode tokens.

Established in 1992, Heartland Business Systems provides technology solutions to corporate, healthcare, education, government and not-for-profit organizations. These solutions include computer networking; technology planning; internet, data center, hosting, monitoring, security and managed services; cabling and audio/video solutions; and software consulting.


About Entrust

A trusted provider of identity-based security solutions, Entrust secures governments, enterprises and financial institutions in more than 5,000 organizations spanning 85 countries. Entrust’s award-winning software authentication platforms manage today’s most secure identity credentials, addressing customer pain points for cloud and mobile security, physical and logical access, citizen eID initiatives, certificate management and SSL. For more information about Entrust products and services, call 888-690-2424, email or visit

Contact HBS

Please direct media inquiries to:
HBS Marketing

All other inquiries, please use our Contact form or call: 800.236.7914