Powered by Jitbit .Net Forum free trial version. dismiss

PCSO

PCSONET\asargent

all messages by user

10/17/2023
Topic: CJIS Memo 2023-7: Security Awareness Training Changes

Angela Sargent
 CJIS Memo 2023-7 regarding Security Awareness Training Changes is now available on the CJNet.

Summary:
The Federal Bureau of Investigation (FBI) Criminal Justice Information Services Security Policy (CJISECPOL) version 5.9.2 changes training requirements. Security Awareness training will be required annually and before new users have unescorted access to CJI. Additionally, agencies are required to provide security and literacy training to system users before accessing CJI, annually, and again when there are system changes or within 30 days of a security event for persons involved in the event.


Memo link.

As of October 2, 2023:

  • All initial and renewal of FCIC/NCIC certifications acquired within nexTEST will receive a one-year expiration.

  • All initial and renewal of CJIS Online training will receive a one-year expiration, and all content has been updated to comply with the new FBI CJIS Security Policy training requirements.
    • 10/24/2023
    Topic:     ELVIS Outage Thurs 10/26 @ 1330 Hrs CST

    Angela Sargent
    		 Per ELVIS:
    The Tallahassee Police Department is replacing a router on Thursday, October 26th. This will affect our connection to FDLE. We will be taking this opportunity to swap out a piece of hardware as well. ELVIS will go down at 1:30PM Thursday afternoon and will come back up as soon as possible. We were not given an ETA by the vendor that is replacing the equipment for our host agency.
    11/3/2023
    Topic:     CJIS Memo 2023-9: 2023 FBI CJIS Security Policy Release v. 5.9.3

    Angela Sargent
    		 Summary:
    The Federal Bureau of Investigation (FBI) Criminal Justice Information Services (CJIS) has released version 5.9.3 of the CJIS Security Policy (CJISSECPOL).

    Important Information for:
    Criminal Justice Agencies, NonCriminal Justice Agencies, Executives/Administrators, Local Agency Security Officers, Terminal Agency Coordinators and technical support staff.


    Memo link.
    11/9/2023
    Topic:     CJIS Memo 2023-10: Ride-Along CJISSECPOL Guidance

    Angela Sargent
    		 The Federal Bureau of Investigation (FBI) Criminal Justice Information Services Security Policy (CJISSECPOL) has requirements for the protection of Criminal Justice Information (CJI) throughout its lifecycle. This memo provides clarification on the policy requirements involving a criminal justice conveyance, and how to apply the policy to Ride-Along participants.

    Memo link.
    1/3/2024
    Topic:     ELVIS - removal of photo lineup per FDLE

    Angela Sargent
    		 Earlier today, the ELVIS team was made aware of a physical letter from the Florida Department of Law Enforcement (FDLE) that was addressed to us and mailed to Florida State University which we failed to receive until a copy was emailed to us this morning.
    FDLE has instructed ELVIS to immediately remove the Photo Lineup feature from ELVIS, and we have complied with their instructions. Effective immediately, photo lineups are no longer available, and since FDLE is the sole source of data for ELVIS, there is currently no plan to reinstate them.
    We apologize for any inconvenience this causes.
    1/5/2024
    Topic:     FDLE Memo 2024-1: FCIC Message Key Updates

    Angela Sargent
    		 CJIS Memo 2024-1 regarding FCIC Message Key Updates is now available on the CJNet.

    Summary:
    The Florida Department of Law Enforcement is updating Florida Crime Information Center message keys to remove optional lengths, and removing an erroneous field.

    Important Information for:
    All Criminal Justice Agency Personnel, Agency Heads, Local Agency Security Officers, CJIS Agency Coordinators, and FCIC Agency Coordinators.

    Memo link.
    1/8/2024
    Topic:     CJIS Memo 2024-2: Missing Person Biological

    Angela Sargent
    		 CJIS Memo 2024-2 regarding Missing Person Biological Samples is now available on the CJNet.

    Summary:
    The Florida Department of Law Enforcement (FDLE) Forensic Services Division provides DNA testing related to missing and unidentified person investigations. This memo identifies the FDLE testing available and replaces CJIS Memorandum 2011-20.

    Important Information for:
    Law Enforcement Agencies, Medical Examiner's Offices, and CART Teams.

    Memo link.
    1/8/2024
    Topic:     CJIS Memo 2024-3: FDLE Targeted Violence Prevention Program – Behavioral Threat Assessment and Management (Replaces CJIS Memo 2021-13)

    Angela Sargent
    		 CJIS Memo 2024-3 regarding FDLE Targeted Violence Prevention Program – Behavioral Threat Assessment and Management is now available on the CJNet.

    Summary:
    FDLE has revised the administrative structure of the behavioral threat assessment management (BTAM) program to support Florida’s law enforcement agencies use of the expanded scope of the Florida Crime Information Center’s (FCIC) Violent Person File (VPF) to include entry of identified persons of concern for targeted violence who are subject to an active behavioral threat assessment management (BTAM) inquiry or investigation. This memo replaces CJIS Memo 2021-13, to document the elimination of extra requirements for agency participation beyond standard file entry and management criteria for the Violent Person File.

    Important Information for:
    All Criminal Justice Agency Personnel, Agency Heads, FCIC Agency Coordinators, CJIS Agency Coordinators.

    Memo link.
    1/12/2024
    Topic:     **UPDATED DATE**: ELVIS Planned Downtime: Wednesday, January 24 - 12:00am

    Angela Sargent
    		 We have made an adjustment to the date we will be performing maintenance. Wednesday, January 24th at 12:00am (Eastern Time) we will be down for routine maintenance and software improvements. We will send a follow up email when the system is back up and running.


    Margaret Edwards
    Systems Administrator
    Electronic License and Vehicle Information System (ELVIS)
    t: (850) 296-2408
    e:     medwards@elvisflorida.org
    w:     www.elvisflorida.org
    1/25/2024
    Topic:     CJIS Memo 2024-4: nexTEST Upgrade: Security and Privacy Training, and Unlock Automation

    Angela Sargent
    		 CJIS Memo 2024-4 regarding nexTEST Upgrade: Security and Privacy Training, and Unlock Automation is now available on the CJNet.

    Summary:
    On January 24, 2024, nexTEST will be upgraded to include Security and Privacy: General User training in all levels of FCIC/NCIC certification. Additional system changes include (1) users will be able to retake training to automatically unlock a “failed” test, as often as necessary to pass, and (2) recertification can be completed at any time during the annual certification period.

    Important Information for:
    Criminal Justice Agency Personnel, Local Agency Security Officers, FCIC Agency Coordinators, CJIS Agency Coordinators, nexTEST Administrators, and CJIS Online Administrators.

    Memo link.
    1/29/2024
    Topic:     CJIS Memo 2024-5: FBI NTOC Tip Messages

    Angela Sargent
    		 CJIS Memo 2024-5 regarding FBI NTOC Tip Messages is now available on the CJNet.

    Summary:
    The Federal Bureau of Investigation’s National Threat Operations Center will soon begin sending tip information to Florida law enforcement agencies via Nlets administrative message.

    Important Information for:
    All Criminal Justice Agency Personnel, Agency Heads, CJIS Agency Coordinators, and FCIC Agency Coordinators.

    Memo link.
    2/5/2024
    Topic:     NCIC/III Scheduled Maintenance – Tuesday, February 6, 2024

    Angela Sargent
    		 This notification is sent to you from the FDLE Criminal Justice Information Services (CJIS) Division. It is to inform you the National Crime Information Center (NCIC) and the Interstate Identification Index (III) will not be available from 0400 until 0600 EST on Tuesday, February 6, 2024.
    National wants/warrants, national status, and national RAP sheets will not be available to users (including Rapid ID) during this time.
    If you have any questions, you may contact the FDLE Customer Support Center at 1-800-292-3242.
    3/18/2024
    Topic:     CJIS Memo 2024-7: 2024 FBI CJIS Security Policy Release v. 5.9.4

    Angela Sargent
    		 CJIS Memo 2024-7 regarding 2024 FBI CJIS Security Policy Release v. 5.9.4 is now available on the CJNet.

    Summary:
    The Federal Bureau of Investigation (FBI) Criminal Justice Information Services (CJIS) has released version 5.9.4 of the CJIS Security Policy (CJISSECPOL).

    Important Information for:
    Criminal Justice Agencies, NonCriminal Justice Agencies, Executives/Administrators, Local Agency Security Officers, Terminal Agency Coordinators and technical support staff.

    Memo link.
    3/27/2024
    Topic:     CJIS Memo 2024-1: FCIC Message Key Updates effective 4/4/24

    Angela Sargent
    		 This is a friendly reminder that the mandatory message key changes outlined in 2024-1 go into effect next week, 4/4. Please make sure you’ve completed or arranged to implement any necessary changes to your agency’s FCIC interface on or before that date.

    Thank you,

    CJIS IDT



    CJIS Memo 2024-1 regarding FCIC Message Key Updates is now available on the CJNet.

    Summary:
    The Florida Department of Law Enforcement is updating Florida Crime Information Center message keys to remove optional lengths, and removing an erroneous field.

    Important Information for:
    All Criminal Justice Agency Personnel, Agency Heads, Local Agency Security Officers, CJIS Agency Coordinators, and FCIC Agency Coordinators.

    Memo link.
    3/28/2024
    Topic:     ELVIS : Upcoming Changes to User Authentication

    Angela Sargent
    		 We don't usually have big announcements like this, but I wanted to take a moment to let you all know about some upcoming features and changes that will affect user authentication. So, again, I apologize for the lengthy e-mail, but I want this transition to be as smooth as possible.


    It is our understanding that grid cards, as they are currently implemented, will no longer be a CJIS-compliant method of advanced authentication (AA) / multi-factor authentication (MFA).

    We want to keep ELVIS completely free, and in order to keep offering a free AA solution, we are in the process of testing a One-Time Password (OTP) feature that will be offered at no cost to agencies. This will eventually replace Grid Cards by e-mailing users a one-time, six-digit code with a 5-minute expiration that must be verified each time a user signs in. Many of you are already familiar with this method used by banks and other secure websites.

    Ref CJIS 5.6.2.1.3 (One-time Passwords)

    This will satisfy the out-of-band advanced authentication requirement. ELVIS is a stand-alone web application hosted outside of your agency's internal environment with its own user account and password, which is the first factor of authentication. Because the One-Time Password (OTP) is sent to a separate e-mail system ("out of band") that the user must also authenticate to (which, ideally, has a different password and is behind its own two-factor authentication), this is Out-Of-Band. Moving to OTP will also eliminate the need to replace lost/expired grid cards, and once we've verified its stability, it will entirely replace Grid Cards.

    While this feature has not been pushed to the live environment, if you need to go ahead and add the e-mail address the code will come from to your existing filters, it's the same one that's already being used to send new user activation links (donotreply@elvisflorida.org). If users have been getting their new account activation links, you shouldn't have any issue getting a one time password.

    I don't have a concrete timeframe for phasing out Grid Cards completely, but it will be relatively soon. There won't be anything that you need to do to transition to OTPs, but you should let your users know to expect this change if you are not intending to switch to our existing Duo integration or the new Entra Single Sign-On (SSO) method (see below). I'll be working with a couple of agencies, and once we're sure the OTP system is stable and working as expected, we'll be disabling the Grid Card system and moving any users currently on Grid Cards to OTP.

    We do not have any plans to offer built-in OTP through text-messages (because sending text messages costs us per message) or push notifications (we do not have a mobile app or any plans to make one). However, ELVIS already integrates with Duo, which supports both Push Notifications and SMS messaging for a subscription fee. We have no business partnership with Duo, but we integrate with their system. If you'd like to look into SMS or Push notifications, you can visit duo.com for more information.

    If you have any questions or concerns about the upcoming OTP feature or Grid Cards, please let us know. As always, we value agency feedback in everything we design.

    Next..

    We are also testing the new Duo Universal Interface (v4). Since we have already supported Duo for years, this is a fairly minor upgrade, but it will be coming soon as well. So far in our testing, this change is purely cosmetic to the users and will have NO impact on agencies that already use Duo integration. However, it will allow Duo admins additional configuration options.

    And lastly...

    Ref CJIS 5.6.4 (Assertions)

    Many, many of you have requested integration with Microsoft's Azure Active Directory (AAD)/Entra Single Sign On (SSO), and we're pleased to announce that ELVIS is currently beta-testing a new SSO feature using Microsoft Entra (as a side-effect, this feature will also support other SAML-enabled Identity Providers, not just Entra). This feature is absolutely OPTIONAL. Agencies that already leverage Microsoft AAD/Entra will be able to take advantage of this, but it is NOT REQUIRED to use ELVIS.

    When this feature is rolled out, in order for your agency's ELVIS users take advantage of it, a new application will have to be created within your Microsoft Entra dashboard and several settings will need to copied from there into ELVIS. We can help you through this process, and it only has to be done once for your agency. Once set up, all of your agency's ELVIS accounts will be able to attempt signing in through Entra SSO (you will have control of which users are allowed through your Entra Dashboard).

    Single Sign-On (SSO) Notes:
    1) Just as it has always been, ELVIS user accounts MUST be created in ELVIS by a Group Leader BEFORE Entra SSO will work. Users will NOT be allowed to create or self-register their own ELVIS accounts through Entra SSO, so Group Leaders will still be required to create user accounts in ELVIS before SSO will function.

    2) Further, at this time, user roles inside ELVIS are still managed through the ELVIS interface. The SSO functionality is ONLY to satisfy authentication requirements and simplify the sign-on process. User management (creating accounts, disabling accounts, managing roles) is still done through the ELVIS interface. Disabling a user's account in Microsoft Entra will prevent them from using SSO, but it will NOT disable their account in ELVIS.

    3) When using SSO, it is expected that agencies WILL REQUIRE two-factor authentication through their SSO provider (ie. Microsoft Entra). Because ELVIS is reaching out to Entra to verify a user has met authentication requirements, it will not prompt for an additional two-factor requirement.

    4) A user may be allowed to use two authentication paths (ie. SSO or Username/Password + OTP) as a backup in case SSO fails for any reason. However, the agency may also choose to only allow one method: SSO, OTP, or Duo. This is configurable per-user.

    5) We support over 280 law enforcement agencies within the boundaries of the State of Florida. This means we handle that many unique SSO/Two-Factor configurations, and because we have no idea what agency a user is attempting to sign in to until they give us their e-mail address, users will ALWAYS be required to enter at least their e-mail address (even for SSO) so that we can look up the correct login path to send them down. Further, and this bit is more technical, but a user's e-mail address must be configured as the primary identifier returned by Entra SSO (it doesn't have to be the user's Microsoft login, but it must be returned by Entra -- this is configurable in the Entra Dashboard), and it MUST match the e-mail address that the user entered or the user will not be allowed to sign in to ELVIS.



    I'm sorry for such a long and technical e-mail, but I wanted to make sure everyone knew what was coming!

    None of these features have been released yet. Currently, I'm looking publishing these changes during the first week of April and working with a few agencies at a time to verify that the Microsoft Entra integration and OTP are working as expected.
    4/1/2024
    Topic:     ELVIS DUO setup

    Angela Sargent
    		 Per the last ELVIS email reference One-Time Password (OTP) feature that will be offered at no cost to agencies. This will eventually replace Grid Cards by e-mailing users a one-time, six-digit code with a 5-minute expiration that must be verified each time a user signs in.

    Attached is a pdf on how to set up DUO for ELVIS.
    4/30/2024
    Topic:     ELVIS update /30/24

    Angela Sargent
    		 Good morning Group Leaders,

    Very shortly, I'll be pushing an ELVIS update with several routine parser fixes as well as updates to the Duo Universal Prompt.

    This will make ELVIS unavailable for about 10 minutes as the update goes live, and because it's a security update, all users will have to sign back in. I try never to make users do that, even on updates, but unfortunately there's no avoiding it this time.

    For those of you using Duo, this update is intended to be a seamless transition to the new version of Duo, so there are no changes required on your end. If it doesn't just work, let us know, please, and we'll fix it so your people can get in as quickly as we can. Please e-mail us at support@elvisflorida.org if your users begin experiencing issues. When you e-mail us, we'll need as many specifics as you can give us about exactly what's happening and contact information of someone we can call to get more details if we need them. We've tested the update as thoroughly as we can in-house, but each of you has your own environment. If issues arise with signing in, we'll help troubleshoot them with you.

    This update also includes the beta version of Microsoft Entra (and other SAML integrations), but I've hidden the Single Sign On link for now. I'll be working directly with a few agencies to test it, and once I'm sure it's ready for wide use, I'll make it available to everyone.

    Lastly, the current word from FDLE is that in addition to being "Out Of Band," any form of Two Factor Authentication (2FA, MFA, etc) will require us to identify a specific device, which EMailed One-Time Passwords cannot do. So, while ELVIS has Emailed OTP functionality, it doesn't meet the device requirements. We're investigating other MFA solutions, and until we're told to stop using them, Grid Cards will continue to function. However, if you don't currently use Microsoft Entra (or some other SAML Identity Provider) or Duo, we strongly suggest considering/investigating these two options as alternatives to Grid Cards before we're required to disable Grid Cards entirely. We don't have any commercial partnerships, so we can't advise you on cost or setup or maintenance or anything like that, but if your agency has a commercial MFA solution that's not one of these two, please let me know and I'll prioritize adding additional MFA alternatives based on how many officers we can help by having it.

    Thank you!

    --
    Zoë Williams
    Program Manager
    Electronic License and Vehicle Information System (ELVIS)
    5/2/2024
    Topic:     CCH/BIS/Rapid ID Scheduled Maintenance – Thursday, May 2, 2024

    Angela Sargent
    		 This notification is sent to you from the FDLE Criminal Justice Information Services (CJIS) Division. It is to inform you the Computerized Criminal History (CCH) system will not be available from 2130 until 0000 on Thursday, May 2, 2024.

    Identity information (name, race, sex, DOB, etc.) and Florida criminal history records may not be available during this time. Rapid ID users may only receive the SID number of identified individuals. DNA Confirmation users should use manual forms for submission of DNA until the system is back in full service. No responses will be returned on BIS transactions submitted during the maintenance period. Submitted BIS transactions will be queued and processed once the maintenance is complete.

    If you have any questions, you may contact the FDLE Customer Support Center at 1-800-292-3242.
    5/11/2024
    Topic:     ELVIS outage due to storms

    Angela Sargent
    		 Currently ELVIS is unable to return FLORIDA queries. This is due to an issue with DHSMV. They are most likely experiencing issues related to yesterday's severe weather. The city of Tallahassee and the surrounding communities were hit pretty hard. Thank you all for your patience while we try to get things back in order up here.
    5/20/2024
    Topic:     CJIS FDLE Biometric System downtime 5/20/24

    Angela Sargent
    		 THIS NOTIFICATION IS SENT TO YOU FROM THE FDLE CRIMINAL JUSTICE INFORMATION
    SERVICES (CJIS) DIVISION. IT IS TO INFORM YOU THAT THE FDLE BIOMETRIC
    IDENTIFICATION SOLUTION (BIS) SYSTEM WILL NOT BE AVAILABLE FROM 17:15 UNTIL 2
    0:15 EDT ON MONDAY, MAY 20, 2024.

    NO RESPONSES WILL BE RETURNED ON BIS TRANSACTIONS SUBMITTED DURING THE
    DOWNTIME. SUBMITTED TRANSACTIONS WILL BE QUEUED AND PROCESSED ONCE THE
    MAINTENANCE IS COMPLETE.


    YOU WILL RECEIVE A NOTIFICATION ONCE THE MAINTENANCE EFFORT IS COMPLETE. IF
    YOU HAVE ANY QUESTIONS, YOU MAY CONTACT THE FDLE CUSTOMER SUPPORT CENTER AT 1
    -800-292-3242.
    1..78910



    Powered by Jitbit Forum 8.3.8.0 © 2006-2013 Jitbit Software