Open Government Portal

This bulletin aims to describe the risks posed by, and possible mitigations for, the exposure of classified IT systems to wireless signals and mobile devices that are not authorized to connect to those systems. The intended audience for this bulletin includes those responsible for IT security risk management activities as well as information system security practitioners.

Risk Management
Cyber Mitigation – Patching
Best Practices – Passwords
Securing WLANs
Procuring Assured Products for Protected B Networks

Cloud Service Providers (CSPs) offer three service models and four deployment models. The service models provide customers with the ability to use a provider’s cloud services. The deployment models offer customers different ways of using cloud services.

o Network Security Zones
o Smart Computing Tips for Everyone
o Securing WLANs
o Risk Management for iPads
o Common Challenges to Adopting a Risk Management Strategy
o Minimizing Administrative Privileges
o Java Mitigation Measures

This document provides high-level guidance on what constitutes managing and controlling administrative privileges and how to apply this security action effectively.

This document provides high-level guidance on what application whitelisting is, what it is not, and how to apply it effectively in a Windows-based environment.

"The COMSEC Installation Planning – Guidance and Criteria (ITSG-11) has been superseded by Emission Security (EMSEC) Guidance (ITSG-11A) February 2016 which is a Protected publication, issued under the authority of the Chief, Communications Security Establishment (CSE).

To access, or obtain, a copy of the publication, please visit the COMSEC User Portal (CUP) at: https://comsecportal.cse-cst.gc.ca, or contact your departmental COMSEC Custodian."

"This document is the Quality Manual for the Certification Body (CB). This manual describes the organization of the CB and its Quality Management System (QMS). This Quality Manual is intended to satisfy the requirements of the Common Criteria Recognition Arrangement (CCRA). This document describes the policies and high-level procedures of the CB as well as the roles and responsibilities of CB staff.

To enable the adoption of cloud computing, the Government of Canada (GC) developed an integrated risk management approach to establish cloud-based services. ITSM.50.062 outlines this approach which can be applied to all cloud based services independently of the cloud service and deployment models.

The economic impact of the wireless telecommunications carriers industry in Canada, by province, expressed as the direct, indirect and induced effects on output, gross value added at basic prices and the number of jobs.