top of page
Verum Notitia.png

®

The Next Level in Digital Data Fusion & Analytics
bandwidth-close-up-computer-connection-1

Data Protection

Because Security Matters

Privacy Statement

“Nighthawk is committed to the privacy and protection of every individual citizen. In serving law enforcement, Nighthawk has been designed to secure all data and information uploaded into the program to prevent illegitimate disclosure and malicious intent within the system. Nighthawk understands and appreciates the significant responsibility of protecting sensitive data and information. With collective decades of experience securing and protecting data, Nighthawk is positioned to provide data protection by leveraging the best and most current security options available.”

Infrastructure

  • Nighthawk LEOVision is hosted in Amazon Web Services (AWS) GovCloud - a secure cloud provider that complies with FedRAMP High baseline

 

  • Meets DOJ's Criminal Justice Information System (CJIS) Security Policy

  • Complies with FIPS 140-2

  • Services run in a private subnet within a secure Virtual Private Cloud (VPC)

Encryption

  • Nighthawk LEOVision services require that all connections use secure HTTP

  • Data is encrypted in transit by utilizing signed URLs for all user data transfers

  • User data is encrypted at rest with AES256 encryption

Users

  • Account logins and authentications are user-specific and only established for expressly-authorized agency personnel

  • User password requirements meet/exceed CJIS standards

  • Multi-Factor Authentication (MFA) required

Data Access

  • User data is only accessible to users in the same assigned group or by explicit invitation

  • Nighthawk LEOVision personnel have undergone background checks for CJIS compliance.

Auditing

  • Security related activities logged at all times

  • Audit logs stored in compliance with CJIS requirements

  • Metrics dashboard provides use statistics for agency needs

Nighthawk.Cloud, Inc. ResponsibleDisclosure Policy

  • Nighthawk.cloud, Inc. welcomes feedback from security researchers and the general public to help improve our security. If you believe you have discovered a vulnerability, privacy issue, exposed data, or other security issues in any of our assets, we want to hear from you. This policy outlines steps for reporting vulnerabilities to us, what we expect, and what you can expect from us. To access this policy, click here.

bottom of page