Security


Security

Commitment

At ALEN we take network and application security seriously. We are committed to ensure that our network and application are constantly monitored, tested and upgraded to stay ahead of internet security threats. We maintain a strict security policy that meets FBI CJIS 5.6 requirements as well as the Nlets Security Policy.

Our Software as a Service model ensures that you are working with the latest software and security updates to maintain your own state and federal compliance. You can rest assured that we take every step necessary to ensure that your information remains protected at all times.

SSL (Secure Sockets Layer)

Our entire network utilizes SSL, a standard security technology for establishing an encrypted link between a server and a client. We utilize  a 4096-bit SSL encryption and are certified to meet the FIPS 140-2 standard as required by the FBI CJIS Security Policy (Section 5.10.1.2).

Identification and Authentication

As required by the FBI CJIS Security Policy and our own security policy. We implement an advanced and dual authentication method to access our system. The policy states the following:

5.6.1 Identification Policy and Procedures

Each person who is authorized to store, process, and/or transmit CJI shall be uniquely identified. A unique identification shall also be required for all persons who administer and maintain the system(s) that access CJI or networks leveraged for CJI transit. The unique identification can take the form of a full name, badge number, serial number, or other unique alphanumeric identifier. Agencies shall require users to identify themselves uniquely before the user is allowed to perform any actions on the system. Agencies shall ensure that all user IDs belong to currently authorized users. Identification data shall be kept current by adding new users and disabling and/or deleting former users. For more information regarding our identity and authentication methods please contact us.

Employee Requirements

ALEN maintains a strict employment screening and hiring process that meets and exceeds both FBI CJIS Security Policy and Nlets Security Standards. Our process consists of but is not limited to.

  • Pre/Post Employment State and Federal Background Checks
  • Pre/Post Employment Drug Screening
  • Fingerprinting and Submission to Nlets and State level authorities for both non-technical and technical staff
  • Continual Security Awareness training

Physical Security

All network and server equipment is hosted and maintained at the Nlets secure datacenter in Phoenix, AZ. This facility meets all FBI CJIS Security Policy requirements. As a strategic partner with Nlets our Network team works closely with their security experts to help provide information on new and existing threats. The Nlets facility provides (source: Nlets Hosting Services Brochure):

"With one of the most secure and established hosting systems in the nation, Nlets offers seamless services to a wide range of private and public institutions. Using the latest, state-of-the-art technology, Nlets provides an unparalleled secure environment with redundant technical infrastructure and onsite expertise monitoring your hardware and connectivity 24/7/365.

To remain ahead of the curve with global security standards, Nlets aligned itself with the stringent FBI – CJIS policies, standards and guidelines among the following protection features on site:

  • Monitored by both fixed and pan-tilt/zoom security cameras
  • Protected by intrusion detection system with panic button activation
  • Two-factor authentication required for building access
  • Biometric iris authorization required for data center access
  • Extensive pre-employment background investigation process
  • On-site building security and data center monitoring staffed 24/7/365

The reliability of Nlets’ Hosting Services is unmatched in any industry.

  • Back-up generator and uninterrupted power supplies ensure no loss of power.
  • Circuits are interconnected to independent PDUs delivering 208v or 110v.
  • AT&T’s ACCU-Ring® provides a private network backbone that uses a dedicated high-speed fiber ring to carry all of a customer’s network traffic.
  • ACCU-Ring’s® self-healing ring architecture is redundant, providing diverse routing backup protection and eliminating single points of failure.
  • Network racks are equipped with temperature and humidity sensors that are centrally monitored.
  • Site is protected by sophisticated, dual fire suppression systems.
  • Secondary hosting services are located at our Disaster Recovery location, allowing for multiple business continuity plans.
  • Nlets network infrastructure allows for redundant paths to key state and federal entities."