Line 84: |
Line 84: |
| * Contribute all improvements back to the communities | | * Contribute all improvements back to the communities |
| * Register Open Source software to the Open Resource Exchange | | * Register Open Source software to the Open Resource Exchange |
| + | <br> |
| | | |
| <b>Use SaaS hosted in the Cloud</b> | | <b>Use SaaS hosted in the Cloud</b> |
Line 89: |
Line 90: |
| * Align with SaaS capabilities; extend as Open Source modules | | * Align with SaaS capabilities; extend as Open Source modules |
| * Configuration over customization | | * Configuration over customization |
| + | <br> |
| | | |
| <b>Design for [https://www.gcpedia.gc.ca/wiki/En/GCinterop Interoperability]</b> | | <b>Design for [https://www.gcpedia.gc.ca/wiki/En/GCinterop Interoperability]</b> |
Line 94: |
Line 96: |
| * Use micro services scoped to a single purpose and API-led connectivity | | * Use micro services scoped to a single purpose and API-led connectivity |
| * Expose functionality as services, make services available through APIs and make the APIs discoverable | | * Expose functionality as services, make services available through APIs and make the APIs discoverable |
| + | <br> |
| | | |
| <b>Use DevOps / Continuous Integration to ensure maintainability and AB Testing</b> | | <b>Use DevOps / Continuous Integration to ensure maintainability and AB Testing</b> |
Line 113: |
Line 116: |
| * Enforce this order of preference: Public cloud first, then Hybrid cloud, then Private cloud, and lastly non-cloud (on-premises) solutions | | * Enforce this order of preference: Public cloud first, then Hybrid cloud, then Private cloud, and lastly non-cloud (on-premises) solutions |
| * Design for cloud mobility and develop an exit strategy to avoid vendor lock-in | | * Design for cloud mobility and develop an exit strategy to avoid vendor lock-in |
| + | <br> |
| | | |
| <b>Design for Performance, Availability, and Scalability</b> | | <b>Design for Performance, Availability, and Scalability</b> |
− | * Design for resiliency
| |
| * Ensure response times meet user needs, and critical services are highly available | | * Ensure response times meet user needs, and critical services are highly available |
| * Support zero-downtime deployments for planned and unplanned maintenance | | * Support zero-downtime deployments for planned and unplanned maintenance |
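Review bot: the Performance, Availability, and Scalability block drops `* Design for resiliency` with nothing in this block replacing it, so the remaining bullets cover response times, high availability and zero-downtime deployments but no longer state that services must tolerate component failure. Suggest keeping the bullet or folding it into the availability bullet, e.g. `* Ensure response times meet user needs, critical services are highly available, and services are designed for resiliency`. The `<br>` rows added in the surrounding blocks are presentation only and look fine.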
Line 133: |
Line 136: |
| <b>Build Security into the Full System Life Cycle, Across All Architectural Layers</b> | | <b>Build Security into the Full System Life Cycle, Across All Architectural Layers</b> |
| * Identify and classify risks associated to the service’s business objectives, goals, and strategy | | * Identify and classify risks associated to the service’s business objectives, goals, and strategy |
− | * Design security measures according to business and user needs, risks identified, and security categorization of the information and assets; integrate security across all architectural layers (BIAT). | + | * Design security measures according to business and user needs, risks identified, and security categorization of the information and assets; integrate security across all architectural layers (BIAT) |
− | ** Maintain focus on users’ ease of use through selection of context-appropriate controls
| + | * Design systems to not be susceptible to common security vulnerabilities; resilient and can be rebuilt quickly in the event of compromise; and fail secure if the system encounters an error or crashes |
− | ** Apply an information-centric approach to reduce resources’ exposure to threats, and minimize the opportunity for compromise.
| + | * Ensure that data received from external parties is profiled and validated prior to its use |
− | ** Protect data while in transit, in use and at rest using appropriate encryption and protocols. Ensure effective disposition of data per retention schedules, following service sunset.
| + | <br> |
− | * Design systems that: are not susceptible to common security vulnerabilities; are resilient and can be rebuilt quickly in the event of compromise; and fail secure if the system encounters an error or crashes. | |
− | * Reduce human intervention and maximize automation of security tasks and processes. | |
− | ** Integrate and automate security testing to validate code and address vulnerabilities prior to deployments
| |
| | | |
| <b>Ensure Secure Access to Systems and Services</b> | | <b>Ensure Secure Access to Systems and Services</b> |
− | * Identify and authenticate users and devices to an appropriate level of assurance before granting access to information and services. | + | * Identify and authenticate individuals, processes and/or devices to an appropriate level of assurance before granting access to information and services |
− | * Separate and compartmentalize user responsibilities and privileges; assign the least set of privileges necessary to complete the job.
| + | * Constrain service interfaces to authorized entities (users and devices), with clearly defined roles |
− | * Constrain service interfaces to authorized entities (users and devices), with clearly defined roles, and only expose the interfaces necessary to operate the service | + | * Make use of modern password guidance, and prioritizing length over complexity, eliminating expiry, and blacklisting common passwords |
− | * Make use of modern credential guidance, and use GC-approved multi-factor authentication where required to stop unauthorized access. | + | <br> |
| | | |
| <b>Maintain Secure Operations</b> | | <b>Maintain Secure Operations</b> |
− | * Integrate SA&A activities into security architecture lifecycle processes, to ensure reference artefacts remain relevant and valid. | + | * Integrate aggregate outputs from security assessment and authorization activities into security architecture lifecycle processes, to ensure reference artefacts remain relevant and valid |
− | * Continuously monitor system events and performance in order to detect, prevent, and respond to attacks. | + | * Design processes to operate and manage services securely, and continuously monitor system events and performance in order to detect, prevent, and respond to attacks |
− | * Design processes to operate services securely, and establish processes and mechanisms to respond effectively to security events.
| + | * Establish processes to monitor security advisories, and apply security-related patches and updates to reduce exposure to vulnerabilities. Apply appropriate risk-based mitigations when patches can’t be applied |
− | * Collect transaction logs at infrastructure and application levels to support automated root-cause analysis and performance tuning.
| |
− | * Include an audit function in information systems. Use a trusted time source and protect audit logs from manipulation.
| |
− | * Establish processes to monitor security advisories, and apply security-related patches and updates. Apply appropriate risk-based mitigations when patches can’t be applied. | |
| <br> | | <br> |
| + | |
| <b> Privacy by Design </b> | | <b> Privacy by Design </b> |
| * Perform a privacy impact assessment (PIA) to support risk mitigation activities when personal information is involved | | * Perform a privacy impact assessment (PIA) to support risk mitigation activities when personal information is involved |
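Review bot: this hunk removes several security controls without replacing them and leaves two rewritten bullets ungrammatical. In Build Security, dropping `** Protect data while in transit, in use and at rest using appropriate encryption and protocols. Ensure effective disposition of data per retention schedules, following service sunset.` removes the standard's only encryption and data-disposition requirement, and dropping the sub-bullet on integrating and automating security testing prior to deployments removes the tie-in to the DevOps / Continuous Integration principle earlier on the page; suggest retaining both as top-level bullets. The rewritten "Design systems to not be susceptible to common security vulnerabilities; resilient and can be rebuilt quickly ..." is no longer parallel; the removed form ("Design systems that: are not susceptible ...; are resilient ...; and fail secure ...") reads correctly and should be restored. In Ensure Secure Access, the removed `* Separate and compartmentalize user responsibilities and privileges; assign the least set of privileges necessary to complete the job.` was the only least-privilege statement, and the clause "only expose the interfaces necessary to operate the service" is also lost; the replacement "Make use of modern password guidance, and prioritizing length over complexity, ..." mixes an imperative with a participle (suggest "Make use of modern password guidance: prioritize length over complexity, eliminate expiry, and blacklist common passwords") and drops the GC-approved multi-factor authentication requirement from the removed bullet. In Maintain Secure Operations, removing `* Include an audit function in information systems. Use a trusted time source and protect audit logs from manipulation.` together with the transaction-log collection bullet leaves the retained "detect, prevent, and respond to attacks" bullet with no logging or log-integrity requirement to rest on; suggest keeping at least the audit bullet.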