FREE e-Newsletter
Important News - Hot Topics
Get them Now!

Cobalt Software Platform - Mark43
Mark43's Cobalt software platform unites a set of law enforcement tools securely...

No upcoming webinars scheduled

Ask The Expert

Submit your question here

Q. What are the biggest challenges in small rural communities for law enforcement?

With regard to security compliance the biggest challenges would be staffing and funding. There are several roles spelled out in Section 3 of the CJIS Security Policy that outline specific duties that each role is responsible for. In the case of rural police departments, they simply may not have adequate staff to fill those roles and carry out follow-up required to keep a law enforcement system in compliance with the particular areas of security they need.

My company sees agencies of all sizes using our hosted license plate reader and facial recognition solutions for this very reason. We have built our business around providing a level of security and infrastructure that most agencies, regardless of size, would find difficult to emulate. With that said, many agencies are moving to hosted solutions like ours to effectively outsource these requirements, allowing them to focus agency resources elsewhere. It is important to note, however, that the agency is still responsible for ensuring that these types of providers truly meet the requirements. I cover this topic in greater detail in my white paper.

There are also police agencies that rely on either state or county support for their IT needs. This may be a partial solution or may become problematic depending on what the service offerings are. An agency can incur additional needs or requirements that may not be able to be supported by the state or county, depending on the accepted responsibilities of the supporting entity. Where the funding came from could be a challenge as well; if a rural agency applies for and is granted funding from a specific source, there may be specific stipulations with regard to security or the programs’ use that may not be supported at the state or county level.

Lastly, rural agencies should consult with their allied law enforcement in consideration for the security model they choose to rely upon and there are several: National Institute of Standards and Technology (NIST), FBI-CJIS Security Policy, FIPS-140-2, Global Reference Architecture (GRA), just to name a few.

Ultimately whichever direction agencies choose to go regarding security, they need to be the ones comfortable with the standards and level of security that they choose for protecting their data.


Mark Rivera

Mark Rivera

FBI-CJIS Security Policy Compliance Officer

Mark Rivera, Customer Retention Manager and CJIS Security Compliance Officer with Vigilant Solutions, served for sixteen years with the Maryland State Police, retiring at the rank of First Sergeant with thirteen of those years at the supervisory and command level. He holds a Master of Science Degree in Management from The Johns Hopkins University and Secret clearance through the FBI, Baltimore.

Be the first to comment on this story

POLICE Magazine does not tolerate comments that include profanity, personal attacks or antisocial behavior (such as "spamming" or "trolling"). This and other inappropriate content or material will be removed. We reserve the right to block any user who violates this, including removing all content posted by that user.

Other Recent Questions

Should cities place the person responsible for CJIS compliance or cyber security of systems in the city under the direction of the police department?
Section 3 of the FBI-CJIS Security Policy defines Roles and Responsibilities for an...
Is case and incident information I exchange by voice over my ePTT system (Kodiak) subject to CJIS requirements for encryption and authentication?
The short answer is “No”. Case and incident information would be generated by...
What is the certification process for vendors?
In short, there isn’t one. I wrote a whitepaper recently covering this topic, among...

Police Magazine