429
edits
Changes
Jump to navigation
Jump to search
Line 38:
Line 38: + − + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
no edit summary
* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-services/cloud-security-risk-management-approach-procedures.html Risk-management for cloud-based services] - Protect cloud services by ensuring that the proper security controls are in place.
* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-services/cloud-security-risk-management-approach-procedures.html Risk-management for cloud-based services] - Protect cloud services by ensuring that the proper security controls are in place.
* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-services/gc-white-paper-data-sovereignty-public-cloud.html Data sovereignty in cloud environments] - Assessing the risks of foreign governments accessing Canadian data in the cloud.
* [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-services/gc-white-paper-data-sovereignty-public-cloud.html Data sovereignty in cloud environments] - Assessing the risks of foreign governments accessing Canadian data in the cloud.
== Cloud Security ==
== Cloud Security ==
Learn recommendations and actions that your Department can implement to protect your networks through the [https://www.gcpedia.gc.ca/wiki/Cloud_Security_Initiative Cloud Security Intiative]
=== Policies and Standards ===
::* Policy on Management of Information Technology
::* Policy on Government Security
::* Direction for Electronic Data Residency, ITPIN No: 2017-02
::* Direction on the Secure Use of Commercial Cloud Services: Security Policy Implementation Notice (SPIN)
=== Guidance ===
::* Government of Canada Security Control Profile for Cloud-Based GC IT Services
::* Government of Canada Cloud Security Risk Management Approach and Procedures
::* CCCS ITSG-22 Baseline Security Requirements for Network Security Zones in the Government of Canada
::* CCCS ITSG-38 Network Security Zoning - Design Considerations for Placement of Services within Zones
::* CCCS ITSP.30.031 V2 User Authentication Guidance for Information Technology Systems
::* CCCS ITSP.40.062 Guidance on Securely Configuring Network Protocols
::* CCCS ITSM.50.100 Cloud Service Provider Information Technology Security Assessment Process
::* Guidance on Cloud Authentication for the Government of Canada
::* Recommendations for Two-Factor User Authentication Within the Government of Canada Enterprise Domain
::* GC Event Logging Strategy (Draft)
::* Standard Operating Procedure for GC Cloud Event Management
::* Security Playbook for Information System Solutions
=== Tools & Templates ===
::* https://gccode.ssc-spc.gc.ca/GCCloudEnablement
::* https://github.com/canada-ca/accelerators_accelerateurs-azure
::* https://github.com/canada-ca/accelerators_accelerateurs-aws
== Cloud Security Initiative ==
Learn recommendations and actions that your Department can implement to protect your networks through the Treasury Board Secretariat’s Cyber Security inititative [https://www.gcpedia.gc.ca/wiki/Cloud_Security_Initiative Cloud Security Intiative]
</big></big>
</big></big>
{{GC Cloud Information Centre Footer}}
{{GC Cloud Information Centre Footer}}
__FORCETOC__
__FORCETOC__
