This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

CJIS Compliance and Google Workspace Accounts

Posted a month ago
graphite
New Member
Reply posted on --/--/---- --:-- AM

Using Open ID Connect to authenticate users of Google Workspace accounts to access a third party application that contains sensitive information such as CJIS data, is it possible to force a user to have to log in again? This is required per FBI CJIS Security Policy.  And I know police departments are using Google Workspace.  Google Workspace is purportedly able to comply with this policy. But, I have yet to find a way to force re-authentication after period of 30 minutes of inactivity within the application. Is this possible? If so, how?

0 1 68
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
KAM
Gold 2
Gold 2
Reply posted on --/--/---- --:-- AM

@graphite in my $dayjob, I'm a compliance & cyber expert in the Google ecosystem.  LMK if you need to talk more.

For CJIS, you will need to be using Enterprise Plus with the Assured Controls Plus add-on.  Additionally, for the requirement you are discussing which is 5.5.5, the last sentence is your hint: "Note: an example of a session lock is a screen saver with password. "

In short, you want to enforce screen locks for the systems you use to access GWS.  MDM, GPO, and Chrome Enterprise Premium are all possible ways to solve this that should be explored for your specific environment.

Regards,
KAM

0 Likes
Top Solution Authors
View all