Communications Security Establishment Canada

199 datasets found
  • Open Information

    Security Tips for Organizations With Remote Workers (ITSAP.10.016)

    Remote work introduces some challenges when trying to balance functionality with security. When working remotely, your employees need to access the same internal services, applications, and information that they would have access to in the office. However, your organization also needs to protect...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Spotting Malicious Email Messages (ITSAP.00.100)

    Organizations and their networks are frequently targeted by a wide variety of threat actors looking to steal information. Cyber intruders are technologically savvy, vulnerability conscious, and aggressively agile; a successful intrusion can quickly lead to the loss of data integrity and...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Top 10 IT Security Actions to Protect Internet Connected Networks and Information (ITSM.10.189)

    The Top 10 Information Technology (IT) Security Actions to Protect Internet-Connected Networks and Information (ITSM.10.189) is based on the Canadian Centre for Cyber Security (CCCS) analysis of cyber threat activity trends and their impact on Internet-connected networks. Organizations that...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Using your mobile device securely (ITSAP.00.001)

    "Your mobile device provides a convenient and flexible way to work anywhere or at anytime. While mobile devices play a vital role in the day-to-day operations of organizations and agencies, their use can also pose a threat to information and networks. Mobile devices are attractive targets that...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Top 10 IT Security Actions: #6 Provide Tailored Cyber Security Training (ITSM.10.093)

    This document is part of a suite of documents that focus on each of the top 10 IT security actions recommended in ITSM.10.189 Top 10 IT Security Actions to Protect Internet Connected Networks and Information [1]. While implementing all 10 of the recommended security actions can reduce your...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Mobile Security

    The following content was created prior to the creation of the Canadian Centre for Cyber Security by one of the entities that became part of the Cyber Centre. This content remains relevant to current discussions about cyber security.
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Contracting Clauses for Telecommunications Equipment and Services (TSCG-01L)

    There is growing awareness of the risks posed by potentially vulnerable or shaped technologies that may be entering the Government of Canada (GC) communications networks and information technology infrastructure through the supply chain.
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Technology Supply Chain Guidelines (TSCG-01)

    "Several meetings involving an ad-hoc group of federal government departments occurred in April-May 2008 around an emerging national security issue relating to the vulnerability of the supply chain for Government of Canada telecommunications equipment and services. In addition to the threat of...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Cyber Hygiene

    The following content was created prior to the creation of the Canadian Centre for Cyber Security by one of the entities that became part of the Cyber Centre. This content remains relevant to current discussions about cyber security.
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Guidance on Securely Configuring Network Protocols (ITSP.40.062)

    The information in this publication identifies and describes acceptable security protocols and their appropriate methods of use to ensure continued protection of UNCLASSIFIED, PROTECTED A, and PROTECTED B information.
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
    • PDF
  • Open Information

    Cryptographic Algorithms for UNCLASSIFIED, PROTECTED A, and PROTECTED B Information (ITSP.40.111)

    The information in this publication identifies and describes approved cryptographic algorithms and appropriate methods of use to protect the confidentiality of PROTECTED A and PROTECTED B information and the integrity of information to the medium injury level as defined in CSE’s ITSG-33 IT...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Security Considerations for the Use of Removable Media Devices for Protected C and Classified Information (ITSB-112)

    This bulletin is in support of the Treasury Board of Canada Secretariat (TBS) Information Technology Policy Implementation Notice 2014-01 (ITPIN: 2014-01). The notice, released in May 2014, describes the risks posed by, and the possible mitigations for, removable media devices that are used to...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    ITSP.50.104 Guidance on Defence in Depth for Cloud-Based Services

    This document is part of a suite of documents developed by the Cyber Centre to help secure cloud-based services and supports the cloud security risk management approach defined in ITSM.50.062 Cloud Security Risk Management.
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Malicious Cyber Activity Targeting Information Technology Managed Service Providers

    The Canadian Centre for Cyber Security (Cyber Centre) is aware of the ongoing malicious cyber activity targeting information technology (IT) managed service providers (MSPs) and has been providing advice and guidance to Canada-based MSPs and Canadian businesses who use MSP services.
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Guidance on Cloud Service Cryptography (ITSP.50.106)

    "Cloud computing has the potential to provide your organization with flexible, on-demand, scalable, and self-service information technology (IT) provisioning. To deliver this potential, it is imperative that we address the security and privacy dimensions of cloud computing. Cryptography is one of...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
    • PDF
  • Open Information

    Guidance on the Security Categorization of Cloud-Based Services (ITSP.50.103)

    This document is part of a suite of documents that the Cyber Centre has developed to help secure cloud-based services. Security categorization, the selection of a security control profile, and the selection of a cloud deployment model and a cloud service model are the first three steps of the...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Cloud Security Risk Management (ITSM.50.062)

    To enable the adoption of cloud computing, the Government of Canada (GC) developed an integrated risk management approach to establish cloud-based services. ITSM.50.062 outlines this approach which can be applied to all cloud based services independently of the cloud service and deployment models.
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Cloud Service Provider Information Technology Security Assessment Process (ITSM.50.100)

    The purpose of this document is to describe CCCS’s Cloud Service Provider (CSP) Information Technology Security (ITS) Assessment Program. The objective of the CSP ITS Assessment Program is to assist Government of Canada (GC) departments and agencies in their evaluation of CSP services being...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML