Virtru helps you comply with CJIS by providing client-side encryption of sensitive information and restricting access only to the authorized recipient(s) you outline. With a paid Virtru plan, organizations can send criminal justice information (CJI) compliant encrypted emails, revoke sent messages and restrict forwarding. Confidential information remains private, audit-ready, and protected.
The rest of this article provides more details about how Virtru helps you maintain CJIS compliance. Please keep in mind that CJIS compliance is determined on a state-by-state basis. As a result, maintaining compliance using Virtru may be different depending on your state's interpretation of the regulations and may require advance Virtru products.
Personal Privacy Users
Help with CJIS compliance is not available for unpaid users on Personal Privacy accounts. If your organization requires CJIS compliance, you must contact the Virtru Sales Team and purchase a paid plan.
- Virtru’s encryption meets or exceeds all CJIS requirements (i.e. FIPS 140-2).
- Please note that FIPS 140-2 mode needs to be enabled for compliance with the Gmail plugin.
- Virtru encrypts criminal justice information (CJI) at rest and in-transit.
- Client-side encryption prevents third party vendors from having to handle unencrypted CJI.
- Virtru DLP, when properly configured, enables detection of CJI before it leaves secure locations.
Encrypted Search and CKS Features:
- Your organization may be able to meet CJIS compliance with Encrypted Search enabled. To confirm compliance, we would want to work with your state CJIS governing authority to make sure that Encrypted Search falls in line with their interpretation of the regulations.
- Some customers may determine that they need a CKS to achieve CJIS compliance in the cloud, while other customers may determine that Virtru’s standard client-side encryption meets CJIS requirements.