Sparks City Council Meeting 8/25/2014 2:00:00 PM
Monday, August 25, 2014 2:00 PMCouncil Chambers, Legislative Bldg, 745 4th St., Sparks
Consent Items: 8.4
Title: Consideration and possible approval for purchase of Advanced Authentication software and support from Imprivata in the amount of $62,371.50
Petitioner/Presenter: Brian Allen/Brian Allen
Recommendation: Approve the purchase of Advanced Authentication software from Imprivata.
Financial Impact: N/A
Total Costs: $62,371.50
Total Costs: $62,371.50
Fund: Sparks Grants & Donations Fund Account: 603055 Program: 2014 Justice Assistance Grant (091014) Amount: $21,871.21 Budget Status: Over Budget (See Budget Correction Plan) |
Fund: Sparks Grants & Donations Fund Account: 603055 Program: 2012 Justice Assistance Grant (091011) Amount: $17,593.69 Budget Status: Over Budget (See Budget Correction Plan) |
Fund: Sparks Grants & Donations Fund Account: 603055 Program: 2013 Justice Assistance Grant (091012) Amount: $22,906.60 Budget Status: Over Budget (See Budget Correction Plan) |
Business Impact (Per NRS 237):
A Business Impact Statement is not required because this is not a rule.
A Business Impact Statement is not required because this is not a rule.
Agenda Item Brief: The Federal Bureau of Investigation (FBI) has mandated that users that have access to the Criminal Justice Information System (CJIS)data must use Advanced Authentication processes. The Sparks Police Department is not currently in compliance with this mandate. The use of the CJIS system with access to NCIC and criminal histories (III) are a requirement for the Police Department. The purchase of this software will bring the Police Department into compliance with the FBI's mandate.
Background: In September 30, 2014, the FBI has mandated that any user that has access to CJIS (Criminal Justice Information System) data must use Advanced Authentication if the user is using a computer in a non-secure physical location. A non-secure environment is considered anything outside of the Police Department building or outside of a Patrol Car. Advanced Authentication requires two forms of credentials to be presented before access to a network will be allowed. The first credential you need is considered "something you have" or "something that you are." Something you have needs to be physical or part of your body. This could be a smart card, a security token or a key fob. Something that you are could be a finger print or even an eye scan. These are all something that can be carried on your person. The second credential you need is considered "something you know." Things that classify under the "something you know" category can be a password, pin number or a challenge question. This is unique to the user and allows for advanced security if for any reason the "something you have" portion of the security is compromised (Stolen cards, lost security tokens, key fob stolen, etc.). Advanced Authentication is secure and therefore required by the FBI to access CJIS data. The Police Department and the IT Department are currently not in compliance with this requirement as the Police and City IT personnel must be able to remotely connect to the Police Department’s systems from their homes, and these are not considered secure environments. Also, the City Hall IT Department is not considered a secure location because it does not restrict access to its offices. Because of these restrictions, we have not been able to allow Patrol officers to have the ability to remove the mobile computers from the vehicles to assist in taking reports. In addition, Detectives are not allowed to take their laptops out of the building for investigation purposes. With the purchase of an Advanced Authentication system, we would be able to remove these restrictions.
Analysis: Members of the Police Department IT staff have contacted several vendors in search of a solution for Advanced Authentication. Several vendors gave demonstrations, and it was discovered that all of the vendors not only provide Advanced Authentication but also the feature of Single Sign On. Single Sign On allows the servers at PD to securely store all the passwords used by all the systems for each Police Department user. Therefore, once a user is logged on with Advanced Authentication, they would not be prompted for any additional passwords for any of the systems they have access to. This feature would be a great improvement throughout the Police Department as many users have access to more than a dozen different systems. In addition to contacting vendors, both Washoe County and Reno have provided details of their search for a solution and in the end, the Imprivata software solution that Washoe County uses is the also the best solution for our needs. They purchased Imprivata in 2012 and have been very happy with the system, and have stated that Imprivata was the only vendor who met all their requirements. And it meets all the requirements that we have laid out, which includes the ability to use our current RFID access cards as the “something you have” (Several vendors could not support using our current cards in their scheme). Imprivata has an impressive list of customers and has been in the health care arena for many years to meet HIPAA requirements. With these new CJIS requirements for Police Departments, they are now actively pursuing this market (they currently have 144 West Coast customers they consider small – which is anyone with less than 2,000 users). In addition to Washoe County, they are in many Northern California Counties (Solano, Ventura, San Francisco, and El Dorado) and cities (Napa, Sacramento, and Livermore). With the purchase of Advanced Authentication and the inclusion of Single Sign on, we asked Imprivata for a quote that will cover all Police Department employees and all IT personnel who need access to the Police Department network (150 employees and 120 computers). That quote came out to a one-time purchase price of $62.377.50, which include all hardware, software, training and one year of maintenance. Per NRS 332.115(h), a formal competitive bid process is not required.
Alternatives: The Council may not authorize this purchase and direct staff to identify another Advanced Authentication vendor and/or process.
Recommended Motion: I move to approve the purchase of Advanced Authentication software and support from Imprivata for the amount of $62,371.50
Attached Files:
City of Sparks Police Dept AM 100 new_OneSign Quote Template - 03222013_2014-08-05.pdf