In the cyber domain, four years is a lifetime. In that time, Moore’s law tells us that computing power will double and then double again. And in the same time frame, cloud solutions for the storage of confidential government data have gone from a novelty (of suspect provenance) to a commonplace.
The story of that transformation – seen most clearly in the changing perspective on the FBI’s Criminal Justice Information System (CJIS) – is the story about the successful integration of law and policy and effective advocacy by the International Association of Chiefs of Police (IACP). And therein hangs a tale.
In the early 1990s, the FBI began operating the CJIS – a network of data sharing arrangements that link almost all of the 18,000 police departments across the nation. But the information that the police share is highly sensitive and confidential. They have custody of vast amounts of personal, private information, and they are subject to intense external scrutiny. That means that the police must always be able audit exactly who has accessed their data, when, how, and for what purpose.
As a consequence, the FBI also developed a security policy that established guidelines for the creation, transmission, and storage of criminal justice information. Any police department that wanted access to shared data (which is pretty much everyone these days) had to conform to the minimum security standards set by the FBI.
And then along came the cloud. Little more than four years ago, police officials around the country began to think of the utility of cloud computing. Moving operations to the cloud has a number of advantages in efficiency and cost that, in these budget-constrained times, are of great value.