NCRIC Case Study

Managing access, without managing identities

The Northern California Regional Intelligence Center (“NCRIC”) initially selected Resilient to implement “single-sign-on” SSO for its information sharing needs, but soon realized several additional critical benefits. Resilient simplified user access to multiple information systems, enabled NCRIC to meet higher security standards, and significantly reducing the total cost of operating its IAM infrastructure. The network-based approach eliminated the need to manage identities for NCRIC and its partner organizations.

An opportunity to innovate and automate

NCRIC and its 300+ partners represent numerous distributed law enforcement agencies whose users require a collaborative environment that provides on-demand, secure access to sensitive data without adding administrative burden or relaxing security. NCRIC’s 3-person IT team needed an adaptive access management “layer” on top of its multiple legacy systems. However, it was difficult to get the right data, to the right person at the right time due to a diverse application environment, inconsistent user provisioning and competing IT priorities.

In addition, NCRIC wanted a solution that would automate the repetitive log-in process that plagued users as they moved between external applications. The new solution needed to be simple, flexible, scalable and seamlessly integrate with NCRIC’s existing architecture.

Quick deployment

Since government entities often have very different requirements than commercial enterprises, many software vendors don’t meet or even fully understand their needs.

“Resilient was very familiar with government requirements and well connected in the space, giving them credibility over the competition. Their product was easy to use and implement, and their technical team was very responsive and helpful in connecting our legacy systems to the network.”

Access across boundaries

NCRIC achieved true adaptive access control for all its users by leveraging Resilient’s platform to enforce specific and traceable authentication and verification steps across user activities. This allows NCRIC to meet the FBI mandated CJIS security standards while increasing the amount of shareable information. As new information is shared via the NCRIC, a distributed user base can easily and securely access it on-demand. Moreover, users can share information more effectively by avoiding repetitive, multi-step authorization processes. Since small IT staffs are common across smaller agencies, this reduction in overhead represents a significant additional benefit to NCRIC’s partners’ IT teams as well.

For NCRIC, eliminating manual provisioning and deprovisioning of accounts significantly reduced user access configuration errors, which threatened to slow down its cross-organizational information sharing initiative. The Resilient solution has increased automation significantly, improved control and visibility, freed up time and increased the morale of their IT staff.

About NCRIC

Governed by the Northern California High Intensity Drug Trafficking Area (NC HIDTA) Executive Board, the NCRIC is an integral component of The National Fusion Center Network and is one of 78 State Governor designated and DHS recognized fusion centers in the United States. Based in San Francisco, the NCRIC is comprised of approximately 100 full-time employees, and provides comprehensive intelligence products that give partnering public safety organizations a vital regional picture of trends and patterns relating to terrorist operations and other criminal activities. In its role, the NCRIC centralizes the intake, analysis, fusion, synthesis, and dissemination of criminal and homeland security intelligence throughout the Northern California coastal counties for approximately 300 organizations, encompassing 15,000 public safety officials.