Securing the Skies: Skydio's Path to CJIS 6.0 Compliance

Jeff Horne – Skydio VP, Security and Finance

CJIS version 6.0 introduced a significant leap in both technical and operational requirements for managing Criminal Justice Information (CJI), especially regarding encryption practices, personnel security, and system auditability. Skydio, as a provider of autonomous drone solutions to public safety and law enforcement, and the only drone vendor with a FIPS 140-3 validated encryption module, committed early to meeting and exceeding these elevated standards.

Meeting the Encryption Standard

Unlike CJIS 5.5, which allowed broader interpretation of encryption requirements, CJIS 6.0 mandates the use of FIPS-validated encryption modules across all data states: in transit, at rest, and during processing. To meet this bar, Skydio implemented FIPS 140-3 validated encryption across all key components, including drones, controllers, Skydio Cloud endpoints, and data storage workflows.

Skydio is currently the only drone manufacturer on NIST’s Cryptographic Module Validation Program (CMVP) with a FIPS 140-3 validated module (Certificate #5006). This ensures that each stage in the evidence handling process meets the encryption requirements established under CJIS 6.0 and NIST FIPS 140-3.

Third-Party Review

CJIS 6.0 remains a self-attestation framework, but ambiguity in interpretation can lead to implementation gaps. To avoid this, Skydio engaged Fortreum, a FedRAMP-accredited Third Party Assessment Organization (3PAO), to independently assess our security controls, identify policy gaps, and validate our implementation.

This collaboration ensured that our approach aligned with both the letter and intent of CJIS 6.0, so that our implementation satisfies the documented control objectives and minimizes ambiguity during formal CJIS audits.

Operational Readiness with Axon

Technical compliance is only half the challenge. Operational workflows are just as critical. Skydio partnered with Axon to align on background screening, personnel data access, and secure evidence transfer processes. This includes workflows like concatenated SHA256 uploads to Axon Evidence, ensuring data integrity across every evidence transfer.

Axon’s experience with body-worn camera workflows informed the extension of similar controls to drone-based evidence capture. Our job was to extend that security model to autonomous aerial systems with dynamic capture and upload workflows.

Going Beyond the Baseline

Some agencies, especially large departments and federal partners, require security controls that extend beyond even CJIS 6.0. To meet those needs, Skydio implemented additional measures tailored for high-security environments. Working with agencies like the NYPD, we built enhancements such as SHA256 hashing at the point of capture and integrity verification in Skydio Cloud. These capabilities deliver cryptographic chain-of-custody transparency that helps ensure evidentiary defensibility if footage is challenged in court.
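What hashing at capture with verification on ingest can look like, as an added example that is not Skydio's code. The chained per-segment manifest, the function names and the sample segments are assumptions made for illustration.

```python
import hashlib
import hmac

GENESIS = b"\x00" * 32  # assumed starting value for the hash chain

def _link(prev: bytes, index: int, segment: bytes) -> bytes:
    """Chain value = SHA-256(prev || index || SHA-256(segment))."""
    seg_digest = hashlib.sha256(segment).digest()
    return hashlib.sha256(prev + index.to_bytes(8, "big") + seg_digest).digest()

def build_manifest(segments):
    """Capture side: one chained digest per segment, in recording order."""
    manifest, prev = [], GENESIS
    for i, seg in enumerate(segments):
        prev = _link(prev, i, seg)
        manifest.append(prev.hex())
    return manifest

def verify_upload(segments, manifest):
    """Ingest side: recompute the chain from the bytes actually received."""
    if len(segments) != len(manifest):
        return False, f"segment count {len(segments)} != manifest {len(manifest)}"
    prev = GENESIS
    for i, seg in enumerate(segments):
        prev = _link(prev, i, seg)
        # Constant-time comparison of the recomputed and recorded digests.
        if not hmac.compare_digest(prev.hex(), manifest[i]):
            return False, f"mismatch at segment {i}"
    return True, "ok"

# Constructed sample data standing in for recorded video segments.
SAMPLE = [b"segment-0 frames", b"segment-1 frames", b"segment-2 frames"]

def demo():
    manifest = build_manifest(SAMPLE)
    intact = verify_upload(SAMPLE, manifest)
    altered = verify_upload([SAMPLE[0], b"segment-1 edited", SAMPLE[2]], manifest)
    swapped = verify_upload([SAMPLE[1], SAMPLE[0], SAMPLE[2]], manifest)
    truncated = verify_upload(SAMPLE[:2], manifest)
    return intact, altered, swapped, truncated

if __name__ == "__main__":
    for result in demo():
        print(result)
```

A manifest like this only supports chain of custody if it is protected independently of the media, for example signed at capture or delivered over a separately authenticated channel, since anyone able to rewrite both the segments and the manifest can make them agree.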

Advanced Encryption Options: YubiKey and TPM Workflows

For customers with elevated security needs, including defense agencies, we extended SD card encryption using hardware-backed key management originally developed for high-security environments. Skydio drones can encrypt data using hardware tokens (e.g., YubiKeys) such that the decryption key is never stored on the drone. This protects the media even if the aircraft is compromised. We’ve now made this feature available to all customers.

YubiKeys are effective for manually flown drones, but not for autonomous operations. For deployments using the Dock for X10, we shifted secure key storage to the dock itself, leveraging its onboard Trusted Platform Module (TPM, a dedicated hardware chip designed to securely store cryptographic keys and perform secure operations) and implementing a secure post-flight key sync process. This workflow ensures encrypted evidence can still be collected and recovered without manual key pairing.

Why It Matters

Drone-captured video is increasingly used in prosecutions, crash reconstructions, and incident response. If that data is mishandled, agencies face exposure to legal challenges, audit failures, and public mistrust. Skydio provides agencies with a system that aligns with federal data protection standards and is designed for use in the courtroom.

CJIS 6.0 introduces more stringent requirements for vendors managing CJI. Skydio builds systems designed to meet CJIS 6.0 and other federal security requirements, ensuring agencies can deploy with compliance assurance.

