Open Government Portal
Open Data Search has recently undergone significant changes. The search page has moved to search.open.canada.ca/opendata. Please update existing bookmarks accordingly.
Found 10 records similar to Guidance on Cloud Security Assessment and Authorization (ITSP.50.105)
This document is part of a suite of documents that the Cyber Centre has developed to help secure cloud-based services. Security categorization, the selection of a security control profile, and the selection of a cloud deployment model and a cloud service model are the first three steps of the Cloud Security Risk Management approach. This approach is defined in ITSM.50.062 Cloud Security Risk Management.
This document is part of a suite of documents developed by the Cyber Centre to help secure cloud-based services and supports the cloud security risk management approach defined in ITSM.50.062 Cloud Security Risk Management.
"Cloud computing has the potential to provide your organization with flexible, on-demand, scalable, and self-service information technology (IT) provisioning. To deliver this potential, it is imperative that we address the security and privacy dimensions of cloud computing. Cryptography is one of the main pillars enabling security and privacy in cloud computing. It plays an essential role in enabling cloud services such as authentication, secure access to cloud workloads, secure data storage, and secure data exchange.
To enable the adoption of cloud computing, the Government of Canada (GC) developed an integrated risk management approach to establish cloud-based services. ITSM.50.062 outlines this approach which can be applied to all cloud based services independently of the cloud service and deployment models.
Organizations and individuals can benefit from using multi-factor authentication (MFA) to secure devices and accounts. With MFA enabled, two or more different authentication factors are needed to unlock a device or sign in to an account. Whether accessing email, cloud storage, or online banking services, MFA provides an extra layer of security from cyber attacks like credential stuffing. In credential stuffing, hackers use previously stolen credentials from one website, hoping that you have reused these credentials.
"This cyber security playbook guides elections authorities on anticipating, mitigating, and responding to threats that are specific to Canada’s democratic processes. This playbook introduces baseline cyber security measures and best practices that you can implement to improve your organization’s security profile. This playbook also provides a set of standards to reference as elections authorities continue to improve current systems and implement new ones. The guidance in this document is based on information gathered from various sources and is only intended to provide a set of recommendations that you can implement in addition to your organizational policies and practices.
When you work in the office, you benefit from the security measures that your organization has in place to protect its networks, systems, devices, and information from cyber threats. Working remotely provides flexibility and convenience. However, remote work can weaken your organization’s security efforts and put you at risk if you don’t take precautions. Read through our cyber security tips to ensure that you are practicing good cyber hygiene when working from home, a café, or any other public location.
This document is part of a suite of documents that focus on each of the top 10 IT security actions recommended in ITSM.10.189 Top 10 IT Security Actions to Protect Internet Connected Networks and Information . While implementing all 10 of the recommended security actions can reduce your organization’s vulnerability to cyber threats, you should review your current cyber security activities to determine whether additional actions are required.
This document presents the Canadian Centre for Cyber Security baseline cyber security controls wherein we attempt to apply the 80/20 rule (achieve 80% of the benefit from 20% of the effort) to the cyber security practices of small and medium organizations in Canada.
Remote work introduces some challenges when trying to balance functionality with security. When working remotely, your employees need to access the same internal services, applications, and information that they would have access to in the office. However, your organization also needs to protect its systems and information, as remote work introduces new vulnerabilities. You need to implement additional security precautions to prevent threat actors from taking advantage of those vulnerabilities.