Documentation
EasyWarrant Documentation
Technical reference, CJIS compliance guides, and integration documentation for EasyWarrant — the CJIS-compliant remote warrant application platform by Brigade Management, Inc.
CJIS Security Policy v6.0
This documentation reflects EasyWarrant's implementation of CJIS Security Policy v6.0, published by the FBI CJIS Division on December 27, 2024. All compliance references in this documentation cite v6.0 unless otherwise noted.
Quick Reference
CJIS Overview
What CJIS Security Policy v6.0 requires of EasyWarrant and your agency.
Security Architecture
Infrastructure, encryption, key management, and session security.
Authentication & MFA
AAL2 enforcement, Auth0 Government, session timeouts.
Encryption
AES-256 at rest, TLS 1.3 in transit, FIPS 140-3 compliance.
Audit Logging
Tamper-evident trail, agency ownership, export procedures.
API Reference
REST API endpoints, authentication, request/response schemas.
CJIS Control Mapping
Full table mapping CJIS controls to EasyWarrant implementation.
Agency Onboarding
Step-by-step guide for new agency partners.
Platform Overview
EasyWarrant is a CJIS-compliant SaaS platform that enables law enforcement officers to submit warrant requests to judges or magistrates remotely via live video, encrypted document submission, and legally defensible e-signature — in a single secure workflow.
It is owned and operated by Brigade Management, Inc. and runs on a dedicated Microsoft Azure Government subscription, isolated from all other Brigade Management systems.
Architecture Summary
| Layer | Technology | CJIS Relevance |
|---|---|---|
| Hosting | Azure Government (USGov Virginia / Arizona) | FedRAMP High, FIPS 140-3 |
| Document Storage | Azure Blob Storage Gov + Key Vault | AES-256, US jurisdiction, CMK |
| Database | Azure PostgreSQL Flexible Server (Gov) | FIPS-compliant managed service |
| Auth / MFA | Auth0 Government or Okta FedRAMP High | AAL2, FIPS-validated IdP |
| Live Video | Twilio Video or Daily.co (CJIS BAA) | DTLS-SRTP, end-to-end encrypted |
| E-Signature | DocuSign eNotary | PKI, agency-level CA, TSA timestamp |
| Key Management | Azure Key Vault (HSM-backed) | FIPS 140-3, agency CMK |
| Audit Logging | OpenTelemetry + PostgreSQL | Tamper-evident, agency-owned |
| Frontend | React + TypeScript (PWA) | Served over TLS 1.3 |
| Backend | Node.js + TypeScript + Fastify | API layer, session management |
Key Compliance Obligations
Because Brigade Management owns the infrastructure and handles Criminal Justice Information (CJI) on behalf of law enforcement agencies, it is classified as a Private Contractor under CJIS Security Policy v6.0. The following obligations are mandatory before any agency goes live:
- Execute a CJIS Security Addendum with every agency before go-live
- Obtain state CSA approval for each agency's state
- Complete fingerprint-based background checks for all staff with unescorted CJI access
- Designate a CJIS Compliance Officer
- Obtain cyber liability insurance with CJIS-specific underwriting
FIPS 140-2 Sunset
FIPS 140-2 is NOT acceptable after September 21, 2026. EasyWarrant uses only FIPS 140-3 validated modules. Agencies using any FIPS 140-2 systems must upgrade before this date to remain CJIS compliant.