Open Government Portal

Found 10 records similar to Cross Domain Security Primer (ITSB-120)

Federal

This guideline is intended to assist network architects and security practitioners with the appropriate placement of services (for example, domain name service, email service, and web proxy service) into network security zones.

Last Updated: Dec. 12, 2019
Date Published: May 1, 2009
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Network Security
Federal

This Guidance document is intended to outline the baseline security requirements for achieving Network Security within the Government of Canada, in accordance with the Government Security Policy (February, 2004) and the Operational Security Standard: Management of Information Technology Security (April, 2004).

Last Updated: Sep. 25, 2020
Date Published: Jun. 1, 2007
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Network Security
Federal

The Top 10 Information Technology (IT) Security Actions to Protect Internet-Connected Networks and Information (ITSM.10.189) is based on the Canadian Centre for Cyber Security (CCCS) analysis of cyber threat activity trends and their impact on Internet-connected networks. Organizations that implement these recommendations will address many vulnerabilities and counter most current cyber threats.

Last Updated: Dec. 12, 2019
Date Published: Oct. 1, 2018
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Cyber Defence, Network Security, Risk Management, Top 10
Federal

The information provided in this document is intended to assist in the mitigation of threats associated with a Wireless Local Area Network (WLAN) deployment by offering security advice to be used during the high-level design phase.

Last Updated: Dec. 12, 2019
Date Published: Mar. 7, 2013
Organization: Communications Security Establishment Canada
Formats: HTML
Keywords:  Wireless, Network Security
Federal

A virtual private network (VPN) is a secure connection between two points, such as your laptop and your organization’s network. A VPN acts as a tunnel that you can use to send and receive secure data on an existing physical network. For example, a telework employee can use a VPN to send data that is encrypted until it reaches its destination (e.g. work server, teleworker).

Last Updated: Dec. 10, 2019
Date Published: Oct. 8, 2019
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Cyber Defence, Remote Access, Network Security, Risk Management
Federal

As an employee, you’re not only privy to important and sensitive information, but you’re also responsible for protecting this information. Inadequate information technology security (ITS) practices provide cyber threat actors with an easy way to bring down your organization’s network and give them access to sensitive information. To keep threat actors out, there are some common IT security challenges you can avoid.

Last Updated: Dec. 12, 2019
Date Published: Oct. 1, 2018
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Cyber Defence, Identity and Passwords, Mobility, Wireless, Voice and Telephony, Your Privacy Online, Social Media
Federal

"In This Edition

CSE at GTEC 2016
Quantum Computing and the Security of Public Key Cryptography
Leveraging Blockchain for the Government of Canada
Mobile Security: Using GC Mobile Devices on Public Networks can be Risky
IT Security Learning Centre News
About this Newsletter
Subscribe
Contact Us

"

Last Updated: Dec. 12, 2019
Date Published: Oct. 1, 2016
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Mobility, Wireless
Federal

This document provides guidance for deploying Microsoft Windows 7 Enterprise Edition operating system (OS) (i.e., Windows 7) in a manner that will best prevent compromise of Government of Canada (GC) IT assets and infrastructures in a generic internet-facing Protected B environment. It is intended for use by information system practitioners, security practitioners, and security assessment and authorization authorities who are collectively responsible for departmental networking risk management.

Last Updated: Dec. 12, 2019
Date Published: Oct. 1, 2014
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Network Security, Operating Systems and Applications
Federal

"Patching operating systems and applications is one of the Top 10 Security Actions in CSE’s Top 10 IT Security Actions to Protect Government of Canada Internet-Connected Networks and Information (ITSB-89 Version 3). Implementing the Top 10 security actions as a package would prevent the vast majority of intrusions to which CSE currently responds.

Applying patches to operating systems, applications and devices is a critical activity in ensuring the security of systems. This document provides guidance on assessing known vulnerabilities and patches in order to determine the risk posed to an organization, the relative priority for patch deployment, as well as guidelines on how to deploy patches."

Last Updated: Dec. 12, 2019
Date Published: Mar. 1, 2015
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Network Security, Operating Systems and Applications
Federal

Information Technology Security Guidance for Practitioners ITSP.30.031 V3 supersedes ITSP.30.031 V2 User Authentication Guidance for IT Systems and provides guidance on user authentication in IT systems. ITSP.30.031 V3 is also part of a suite of documents developed by CSE to help secure GC departmental networks. User authentication is imperative in keeping cyber threat actors out of departmental systems, and the security controls used to protect GC systems are critical elements in the design of IT infrastructure.

Last Updated: Dec. 12, 2019
Date Published: Apr. 1, 2018
Organization: Communications Security Establishment Canada
Formats: PDF HTML
Keywords:  Identity and Passwords
Date modified: