Case Study

Maryland Uses Virtru to Enable Distributed Teams with Easy-to-Use Data Protection for CJIS Compliance in the Cloud

“Virtru’s end-to-end email encryption and security expertise allowed us to achieve both efficiency and peace of mind by keeping control of our data.”
Ken Cheney, Acting CIO, Maryland Dept. of Education

Why did you decide to start your secure cloud migration project?

The State of Maryland encompasses 25 independent agencies to serve over 6 million citizens who rely on the State to keep their sensitive data secure. We spoke with Ken Cheney, Acting Chief Information Officer at Maryland’s Department of Education, to understand the process and challenges of migrating to the cloud while maintaining CJIS compliance. With Virtru, The State of Maryland, can now:

  • Enable distributed teams with easy-to-use data protection and access controls for regulated private data in the cloud, while maintaining CJIS compliance.
  • Expedite the delivery of constituent services through cloud-based workflows, including seamless recipient access and a quick installation process.
  • Easily share regulated data via email and files stored in the cloud.
  • “We migrated our files to the cloud for two main reasons. The first was to consolidate our email servers. We have 25 different agencies throughout the state, and before the migration, each had its own email server that had to be managed separately—a severe burden for our small IT team. Security was the other primary reason. Given the sensitive nature of our data, we need the highest security standards, and the cloud is unrivaled in this area.

“Consolidating workloads into a single, managed platform running on hardened infrastructure was a no-brainer from a security and efficiency standpoint.”

What were your organization’s biggest challenges throughout the migration?

“Our biggest concern for the migration was ensuring user adoption after the process was completed. Training was essential to ensure engagement with the new system. Moving to the cloud also brought new concerns about compliance and privacy. Our departments handle private data that is subject to strict regulatory compliance requirements like Criminal Justice Information Services (CJIS), and there were concerns that we would lose direct control and oversight of that data when moving to the cloud. Virtru’s end-to-end email encryption and security expertise allowed us to achieve both efficiency and peace of mind by keeping control of our data.”

What made you choose Virtru as your data protection partner for the migration?

“Virtru was chosen over other competitors because of the advanced security features that ultimately improved our security posture throughout the migration. With Virtru, the process was entirely compliant with CJIS security policies. Virtru has been a great partner for us over the years; whatever question we have, their team is always happy to go the extra mile for us!”

What advice would you give to those thinking of migrating?

“I recommend being extremely explicit about your requirements and intended benefits. We had a clear brief to consolidate email servers and streamline processes while keeping our data encrypted, private, and compliant with CJIS. This made the project move smoothly and allowed Virtru’s data protection to fit right into the process.

“Also, I suggest using in-house employees to train your team. Invest in making experts out of a select group of people in your organization and get them to share their knowledge. Not only do people respond better to training from peers and colleagues, but this way your trainers will have an intimate knowledge of the organization which really helps when rolling out the new systems.”