Communications Security Establishment Canada

29 datasets found
  • Open Information

    Guidance on Cloud Security Assessment and Authorization (ITSP.50.105)

    "Cloud computing has the potential to provide your organization with flexible, on-demand, scalable and self-service IT services. To benefit from cloud computing, your organization must ensure that security risks are properly managed, cloud specific security considerations are addressed, and...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
    • PDF
  • Open Information

    Internet of Things (IoT) Security - ITSAP.00.012

    The Internet of Things (IoT) refers to the network of everyday web-enabled objects that can connect and exchange information. These “smart” objects include more than your computer, smartphone, or tablet. They include items like personal fitness trackers, TVs, thermostats, or cars. This list of...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Harmonized TRA Methodology (TRA-1)

    " TRA-1 - Tool TRA-1 - A-5: Sample Statement of Work for TRA Consulting Services TRA-1 - A-6: Sample TRA Work Plan TRA-1 - B-2: Asset Listing TRA-1 - B-5: Asset Valuation Table / Statement of Sensitivity TRA-1 - C-2: Threat Listing TRA-1 - C-4: Threat Assessment Table...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    IT Security Risk Management in the Government of Canada (ITSE.10.033)

    "With today’s dynamic threat environment and Government of Canada (GC) fiscal constraints, information technology (IT) security can no longer be an afterthought, but rather needs to be a vital component in both departmental and IT project plans. IT security risks can result in exposure of...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    IT Security Risk Management: A Lifecycle Approach (ITSG-33)

    With today’s dynamic threat environment and Government of Canada (GC) fiscal constraints, information technology (IT) security can no longer be an afterthought, but rather needs to be a vital component in both your departmental and IT project plans. With that in mind, the ITSG-33 publication has...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Cyber Security Tips for Remote Work (ITSAP.10.116)

    When you work in the office, you benefit from the security measures that your organization has in place to protect its networks, systems, devices, and information from cyber threats. Working remotely provides flexibility and convenience. However, remote work can weaken your organization’s...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Baseline Cyber Security Controls for Small and Medium Organizations

    This document presents the Canadian Centre for Cyber Security baseline cyber security controls wherein we attempt to apply the 80/20 rule (achieve 80% of the benefit from 20% of the effort) to the cyber security practices of small and medium organizations in Canada.
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Cyber Security Guidance for Elections Authorities (ITSM.10.020)

    "This document is intended for elections authorities. It introduces common threats to Canada’s electoral processes and provides guidance on protecting the systems and the people involved in these processes. The guidance in this document is based on information gathered from various sources and is...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
    • PDF
  • Open Information

    Cyber Security Playbook for Elections Authorities (ITSM.10.021)

    "This cyber security playbook guides elections authorities on anticipating, mitigating, and responding to threats that are specific to Canada’s democratic processes. This playbook introduces baseline cyber security measures and best practices that you can implement to improve your organization’s...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Implementation Guidance: Email Domain Protection

    This document provides guidance to system owners on implementing technical security measures to protect their domains from email spoofing. In this document, we describe technical measures that system owners can implement to prevent the delivery of certain malicious messages sent on behalf of...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Resources - Get Cyber Safe 2021

    Get the latest videos, info-graphics and shareable content to help you stay cyber safe.
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Best Practices for Passphrases and Passwords (ITSAP.30.032)

    You have passwords for everything: your devices, your accounts (e.g. banking, social media, and email), and the websites you visit. By using passphrases or strong passwords you can protect your devices and information. Review the tips below to learn how you can create passphrases, strengthen your...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Cyber Centre Data Centre Virtualization Report: Best Practices for Data Centre Virtualization (ITSP.70.010)

    A VDC must address the threats, inherent vulnerabilities, and characteristic risks to data centres, as well as those specific to complex virtualized environments. Fortunately, VDCs can be made secure by using several safeguards and best practices. These safeguards and best practices involve...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Don't Take the Bait: Recognize and Avoid Phishing Attacks

    Phishing is an attack where a scammer calls you, texts or emails you, or uses social media to trick you into clicking a malicious link, downloading malware, or sharing sensitive information. Phishing attempts are often generic mass messages, but the message appears to be legitimate and from a...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML
  • Open Information

    Password Managers-Security (ITSAP.30.025)

    "Trying to use different and complex passwords for every website, account, and application can be challenging. If you are experiencing password overload, you may become careless. Maybe you keep all your passwords written down or reuse the same, easy to remember password. You can use a password...
    Organization:
    Communications Security Establishment Canada
    Resource Formats:
    • HTML