The Stellar-MoneyGram deal helps convert fiat into cryptocurrencies

Quick signatures were needed if the software giant wanted to move forward with a new law enforcement client: the New York City Police Department, according to sources familiar with the situation and emails reviewed by the Protocol. An NYPD spokesperson did not respond to multiple requests for comment.

“We apologize for the tight schedule and we understand that we are asking for your help this weekend,” former Chief Trust Officer Jim Alkove wrote to employees.

The signatures were also needed by employees to continue working in the government division. The warning from above was clear: anyone who didn’t sign would have to move to another ward.

The document in question dealt with a hidden obstacle that the tech industry faces with clients like the NYPD: the Criminal Justice Information Services, or CJIS, a division of the FBI that stores fingerprints, documents and other data and evidence used, among other law enforcement activities, to examine the history of suspected criminals.

In order for a software vendor to work with, for example, a city’s local prison system, engineers on those accounts are required to provide their personal data, including social security numbers, to the CJIS for criminal background and criminal background checks. credit. It is similar to the authorization that technology workers must obtain to work with federal agencies, known as FedRAMP.

But unlike FedRAMP, clients like NYPD can add additional requirements, such as banning anyone who filed for bankruptcy from working on the account, which makes the CJIS process more ad hoc. This prevented Salesforce from being able to implement a standardized process, according to sources.

‚ÄúTrust is our number one value and we take the protection of our customers’ data very seriously. Customer data protection includes compliance with various regulatory programs, such as the Criminal Justice Information Services Security Policy (CJIS), which may impose additional requirements on Salesforce employees, “a Salesforce spokesperson said in a statement. sent by e-mail.

After receiving a detailed account of the report in this story, the spokesperson declined to comment further.

READ  What is StrongBlock (STRONG) and how does it work?

CJIS on the brain

The immersion in CJIS-related work is part of a larger Salesforce attempt to earn more government business, including top-secret work with agencies such as the State Department. The company has at least 12 pending agreements with CJIS-related clients, including the US Drug Enforcement Administration, according to a source familiar with the pipeline.

However, the company has struggled to galvanize employee support for subsequent requirements that go hand in hand with its deeper push in the law enforcement industry. As a sign of the struggles Salesforce faces, neither the company nor the NYPD would confirm whether the deal discussed at their December meeting is still active.

To win more public sector customers, Salesforce must demonstrate that it can meet the requirements set by the NYPD and others. But the December effort triggered alarm bells among some that ultimately led to several employees being moved from the government’s cloud division for refusing to sign the contract and submit their personal information, the sources said. Salesforce declined to comment on employee-related matters.

With only a few hours to review a heavier “War and Peace” contract, some engineers rejected it. Salesforce executives ended up having to hold a city hall meeting on December 13 to answer employee questions, the sources said.

Engineers were asked to fill out what amounted to booking forms, the sources said, including a list of their visible tattoos or scars.

Eventually, workers were given more time to review and sign the contract. But some employees questioned Salesforce’s urgent timeline. For example, the documents included a signature from an executive who had left months ago, indicating that Salesforce had long expected this confrontation, according to a source, and a Slack channel that employees had access to showed conversations from executives discussing of the mandate pending several months earlier.

Many of the employee questions centered around how their information would be used, what protocols in place to safeguard it, how long it would be stored, and ultimately whether it would open them to unauthorized credit or background checks. Salesforce, according to sources, has provided few answers.

READ  The collapse of cryptocurrencies is a wake-up call for many, including the United States Congress

The other obvious problem with the CJIS, they said, is that each prospect may have a separate list of requirements for additional information and follow-up requests that could prevent an individual from working on the account. FedRAMP, on the other hand, has a uniform list of requirements that must be met by all companies.

It’s also a problem that some rivals – and close partners – don’t have. Other vendors, especially cloud service providers, probably don’t have to send employee information to the CJIS system despite working with similar customers. This is because AWS, Microsoft and Google have, in essence, stricter safeguards that prevent their employees from accessing customer information.

“Cloud service personnel are unlikely to have unescorted access to unencrypted criminal justice information,” an FBI spokesperson told Protocol. Spokespersons for AWS, Microsoft and Google Cloud did not respond to multiple requests sent by email.

However, Salesforce engineers can access that data to help with maintenance and support, according to a source familiar with its inner workings. It is also difficult to prevent engineers from logging into specific accounts as the various systems all share an underlying infrastructure which makes it difficult to erect such firewalls, according to the sources. Salesforce, however, is looking to move some self-hosted programs to FedRAMP systems owned and operated by AWS, according to one of the sources.

The third time is the charm

The NYPD had some strict rules regarding who could work on the account. For example, anyone who has suffered a touching violation with a fine of more than $ 300 or filed for bankruptcy has been barred from working with the client, the sources say.

Some employees immediately hesitated. At the same time, it was not a new request for many in the room.

Salesforce had attempted a similar move twice previously, according to sources: once, in 2017, with the Philadelphia prison departments and another time, years later, for a client who couldn’t be independently verified by Protocol.

READ  The sell-off continues, bitcoin and ethereum fall

The contract with the Philadelphia Department of Prisons fell through amid resistance from employees. Engineers were asked to fill out what amounted to booking forms, the sources said, including a list of their visible tattoos or scars. Since Salesforce employees were technically contractors, it was the only way the prison system could process the necessary background and credit checks.

However, a spokesman for the Philadelphia Department of Prisons denied that that was why the deal fell apart.

“The contract was not terminated due to employees who objected to providing their personal information to CJIS,” they said in an e-mailed statement. The spokesperson declined to comment further, citing the ongoing dispute with the company. Salesforce declined to comment.

But it is clear that the company was perhaps unprepared for employee resistance.

One of the CJIS requirements, for example, is employee fingerprints. Salesforce suggested storing all applicable employee fingerprints on a separate, encrypted laptop. This, combined with an agreement signed by the employees, would then make it easier for the company to provide the data by its workers for future customers. The engineers, however, saw it differently and rejected it. The idea was eventually shelved.

The push to land the NYPD – along with hiring for related roles – is a clear sign that Salesforce is eager to acquire more law enforcement business. Salesforce is also looking to step up its work with other federal agencies. For example, the company is currently rented for a position on “Project Blackjack,” code name of Salesforce for a top secret initiative with the State Department.

The effort to delve into the law enforcement industry comes at an interesting time for Salesforce. Employees are making public their disappointment over the company’s work with the NRA following the Uvalde shooting. And with law enforcement’s reputation tarnished for some irreparably, Salesforce’s growth ambitions may once again conflict with its prized cultural values.

Tinggalkan komentar