Cloud Cops: Thrive's New Hosting Modernizes Police Data Security

BOSTON, MA – April 07, 2026 – By Nancy Torres

Global technology provider Thrive has launched a new hosting capability designed to navigate the complex world of law enforcement data, a move that enables public safety agencies to embrace cloud modernization without compromising stringent federal security standards. The company announced its Criminal Justice Information Services (CJIS)-approved hosting environment, initially granting Florida-based agencies the ability to use its Texas data center.

This development addresses a critical tension for police departments and other public safety organizations: the urgent need to move away from aging, on-premise IT systems and the absolute requirement to protect highly sensitive data according to FBI mandates. For these agencies, which handle everything from biometric data to active criminal records, the integrity and availability of information are non-negotiable.

“For public safety agencies, downtime is not an option,” said Bill McLaughlin, CEO of Thrive, in a statement accompanying the announcement. “They need a partner like Thrive who deeply understands the regulatory landscape, modernization pressures, and the mission at hand. Our CJIS-approved hosting capability reflects our deep expertise working with state and local agencies, as well as our commitment to ensuring they have secure, resilient solutions that enable agencies to operate with confidence and get the job done.”

The High Stakes of CJIS Compliance

The FBI’s CJIS Security Policy is the gold standard for protecting law enforcement data across the United States. It is not merely a set of recommendations but a comprehensive framework that dictates how Criminal Justice Information (CJI) must be stored, transmitted, and accessed. The policy's requirements are mapped to rigorous federal standards, including the National Institute of Standards and Technology (NIST) 800-53 controls, ensuring a standardized, high level of security.

However, compliance is not managed by the FBI directly but is delegated to a CJIS Systems Agency (CSA) within each state. This state-level governance means that a cloud provider like Thrive must secure approval from each state individually, a complex and painstaking process. Florida's approval of the Texas data center for its agencies marks a significant step in what the company describes as a multi-state strategy.

Public safety agencies face immense pressure to keep pace with evolving CJIS policy updates, which increasingly address modern threats. Recent versions have introduced more stringent controls for managing firmware-level vulnerabilities and mandating phishing-resistant multi-factor authentication. For under-resourced IT departments, meeting these advanced requirements while fending off constant threats like ransomware can be a monumental challenge, making certified third-party environments an attractive solution.

A Crowded Field for a Critical Mission

Thrive enters a specialized market where established cloud giants have already planted their flags. Amazon Web Services (AWS) GovCloud and Microsoft Azure Government have long offered CJIS-compliant solutions, leveraging their vast, physically secure infrastructure and dedicated teams to sign CJIS Management Agreements with states across the country. These hyperscale providers give agencies powerful tools to build their own compliant cloud environments.

Alongside these giants are other specialized providers, such as Storj and Rackspace, that also cater to the unique needs of government and public safety clients. In this competitive landscape, Thrive is positioning itself by combining its certified infrastructure with a deep focus on the State, Local, and Education (SLED) sector. Rather than simply providing infrastructure, the company offers a suite of managed services, including cybersecurity, backup, and disaster recovery, aiming to act as a comprehensive technology partner.

This approach appears tailored to small and mid-market agencies that may lack the in-house expertise or resources to manage a complex cloud environment on their own. By bundling compliance with managed services, the provider seeks to differentiate itself from competitors that offer more of a do-it-yourself model.

Building a Resilient Digital Defense

Thrive's announcement emphasizes security and continuity as core tenets of its CJIS solution. A key feature is the use of geo-diverse data centers. With an existing CJIS-audited data center in Winter Haven, Florida, the addition of the newly approved Texas facility provides Florida-based agencies with a crucial layer of resilience. This geographic separation allows for robust backup and disaster recovery plans, ensuring that critical systems remain accessible even if one location is disrupted by a cyberattack, system failure, or natural disaster—a particularly relevant concern for agencies in hurricane-prone regions.

Beyond physical infrastructure, CJIS compliance extends to personnel. The policy mandates that any individual with access to unencrypted CJI must undergo a fingerprint-based background check and receive specialized security training. Thrive states its personnel have achieved Level 4 Security Awareness Certification, satisfying one of the policy's most stringent human-level requirements.

“CJIS requirements are stringent for a reason. They ensure that the data officers and agencies rely on is protected and always available,” noted Joe Holt, AVP of SLED at Thrive. “Thrive’s CJIS-approved hosting capability passed that high bar, giving agencies the flexibility and access they need, while ensuring their data is secure, recoverable, and compliant.”

A Blueprint for National Expansion

The launch is more than a regional offering; it serves as a clear signal of Thrive's broader ambitions in the government technology sector. The company's statement of a “streamlined path to expand CJIS-approved capabilities into additional states” points to a deliberate and scalable growth strategy.

This strategy is visibly supported by Thrive's recent corporate activity. The 2023 acquisition of IT Freedom, an Austin-based managed services provider, expanded its footprint and expertise in Texas. This followed a 2022 acquisition of DSM, a Florida-based provider with deep ties to SLED agencies in that state. This pattern of acquiring local market leaders appears to be a core part of its playbook for entering and conquering highly regulated, niche government markets on a state-by-state basis.

By securing these difficult-to-obtain compliance approvals and integrating them with a comprehensive service offering, the company is building a strong foundation for future growth. As more public safety agencies are compelled to modernize their technology infrastructure, the demand for partners who can navigate the intricate landscape of security and compliance will only increase. As Thrive works to bring additional states into its compliant ecosystem, it is positioning itself not just as a service vendor, but as a key partner in the ongoing digital transformation of American law enforcement.