Changes

This guide is primarily for business owners, web developers, IT and IT security practitioners who are involved in implementing externally-facing GC online services.

This guide is primarily for business owners, web developers, IT and IT security practitioners who are involved in implementing externally-facing GC online services.

'''Note: ITPIN 2018-01 [https://www.canada.ca/en/treasury-board-secretariat/services/information-technology/policy-implementation-notices/implementing-https-secure-web-connections-itpin.html Implementing HTTPS for Secure Web Connections] applies to departments as defined in [https://laws-lois.justice.gc.ca/eng/acts/f-11/page-1.html#h-227972 section 2 of the FAA only]:'''

'''Note: ITPIN 2018-01 [https://www.canada.ca/en/treasury-board-secretariat/services/information-technology/policy-implementation-notices/implementing-https-secure-web-connections-itpin.html Implementing HTTPS for Secure Web Connections] applies to departments as defined in [https://laws-lois.justice.gc.ca/eng/acts/f-11/page-1.html#h-227972 section 2 of the FAA]:'''

<br><br>

<br><br>

(a) any of the departments named in [https://laws-lois.justice.gc.ca/eng/acts/f-11/page-30.html#h-230472 Schedule I];<br>

(a) any of the departments named in [https://laws-lois.justice.gc.ca/eng/acts/f-11/page-30.html#h-230472 Schedule I];<br>

<br>

<br>

7. Based on the assessment, and using the [https://wiki.gccollab.ca/GC_HTTPS_Everywhere guidance available on GCcollab], the following activities may be required:

7. Based on the assessment, and using the [https://wiki.gccollab.ca/GC_HTTPS_Everywhere guidance available on GCcollab], the following activities may be required:

* Obtain certificates from a GC-approved certificate source as outlined in the [https://wiki.gccollab.ca/images/8/89/Recommendations_for_TLS_Server_Certificates.pdf Recommendations for TLS Server Certificates] for GC Public Facing Web Services

* Obtain certificates from a GC-approved certificate source as outlined in the [https://wiki.gccollab.ca/images/9/92/Recommendations_for_TLS_Server_Certificates_-_14_May_2021.pdf Recommendations for TLS Server Certificates] [https://wiki.gccollab.ca/images/8/8b/Recommendations_for_TLS_Server_Certificates_-_14_May_2021-FR-REV-NG.pdf Recommandations liées aux certificats de serveur TLS] for GC Public Facing Web Services

* Obtain the [https://wiki.gccollab.ca/GC_HTTPS_Everywhere/Implementation_Guidance configuration guidance] for the appropriate endpoints (e.g. web server, network/security appliances, etc.) and implement recommended configurations to support HTTPS.

* Obtain the [https://wiki.gccollab.ca/GC_HTTPS_Everywhere/Implementation_Guidance configuration guidance] for the appropriate endpoints (e.g. web server, network/security appliances, etc.) and implement recommended configurations to support HTTPS.

<br>

<br>

The use of continuous, distributed security analytics and infrastructure monitoring will support advanced awareness and automation, thus improving security of both the network and its users.   

The use of continuous, distributed security analytics and infrastructure monitoring will support advanced awareness and automation, thus improving security of both the network and its users.   

== Enquiries ==

== Enquiries ==