When you get home from work today and you unlock your door with your key, you have used dual authentication. When you go to the ATM to grab some cash before going out to dinner, you will insert your card in the reader and then be required to enter your PIN to get your money. That, too, is an exercise in dual authentication.
You may have been hearing lately about using dual authentication as a way to strengthen cybersecurity and protect data, but the concept really isn’t new, as it isn’t much different than the actions illustrated above. You’ve been doing it most of your life, and it has been around for ages. It pairs something you have with something you know. Unlocking your door requires you have the proper key for your door and you know exactly where that door is. In banking, dual factor authentication has been in existence since the advent of the ATM (MAC, for our older readers). You have your ATM card and you know your PIN; you must have both items to gain entry to your account.
CSI Technology Group takes security and the safeguarding of your data very seriously. We understand the importance to law enforcement agencies of safeguarding CJIS information; that it stands near the top of the list in security ranking, right underneath operational security, which impacts officer safety.
CSI has developed dual authentication for our InfoShare™ product line, and it meets the requirements of the New Jersey State Police and the FBI security regulations. For our New Jersey agencies that store, even on a temporary basis, Computerized Criminal History (CCH) information in their InfoShare™ system, adopting this dual factor authentication will be critical for continued compliance with the CJIS regulations.
CSI offers the following two versions of dual factor authentication for your agency to choose from:
One Time Authorization Code (OTAC)Transmission –
With this option, the InfoShare™ account holder will enter their user name, password and a one-time authorization code that is transmitted to an InfoShare™ registered cell phone or e-mail address. This OTAC is only good for a predetermined period of time
Using the token option, an agency provides to CSI an external USB hard drive (also known as a “thumb drive” or “flash drive”) and we will implant an authorization token onto that device. Then the InfoShare™ account holder will enter their user name and password while the thumb drive is plugged into their device. This option is very popular with agencies that have other devices that require this type of authentication, such as certain brands of in-car cameras and ALPR Readers.
The InfoShare™ dual authentication application provides flexibility for your agency’s security plan, allowing your administrator to specify what type of credentials are required for which use, and providing the administrator with the ability to mix the authentication type. For example, a department can allow computers located in the department (i.e., a secured location) to be “whitelisted” from this policy, that is, accessed without any dual authentication requirement. This can be configured for all workstations in the agency, or just designated computers, such as the computer on the Chief of Police’s desk, which is located in a locked office. For MDT use, the department can specify that the user would have to use a USB drive token. The department could allow others to connect via an emailed PIN or secondary password which would be entered to confirm the identity of the user.
A CSI Technology Group representative can provide guidance on determining best practices for your agency in establishing your security plan. If you are interested in acquiring the Dual Factor Authentication application for your InfoShare™ System, please contact your CSI Technology Group representative or Mike Trahey at (732) 346-0200 for more details.