|
|
Line 60: |
Line 60: |
| <!-- Whats New end --> | | <!-- Whats New end --> |
| | | |
− |
| |
− |
| |
− | {| width="100%" cellpadding="10" cellspacing=15px
| |
− |
| |
− | |-valign="top"
| |
− | |style="border-left: 10px solid #FF792C; box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19); color: black; background-color: white; font-size:1.2em;" |
| |
− |
| |
− | <span style="font-size: 1.5em;">Governance & Policy</span><br>
| |
− | Policies and guides to help departments govern their usage of cloud.<br>
| |
− | * [https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/cloud-services.html GC Cloud Policies & Direction]
| |
− | ** [https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/cloud-services/direction-secure-use-commercial-cloud-services-spin.html Direction on the Secure Use of Commercial Cloud Services]
| |
− | ** [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=32601 Directive on Service & Digital](Cloud First 4.4.1.9 / Data Residency 4.4.1.10 / Non-Public Cloud GC EARB Assessments 4.1.1.2.4)
| |
− | *** [https://gcconnex.gc.ca/file/view/59536059/tb-guideline-service-digital-pdf?language=en Guideline on the Directive on Service and Digital] (more on data residency)
| |
− | ** [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/government-canada-standards-apis.html GC Standards on APIs]
| |
− | ** [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-computing/government-canada-security-control-profile-cloud-based-it-services.html Government of Canada Security Control Profile for Cloud-Based GC IT Services]
| |
− | ** [https://intranet.canada.ca/wg-tg/cagc-angc-eng.asp Guidance on Cloud Authentication for the Government of Canada]
| |
− | ** [https://intranet.canada.ca/wg-tg/rtua-rafu-eng.asp Recommendations for Two-Factor User Authentication Within the Government of Canada Enterprise Domain]
| |
− | ** [https://www.gcpedia.gc.ca/gcwiki/images/5/5f/GC_Cloud_Event_Management_Standard_Operating_Procedure.pdf Standard Operating Procedure for GC Cloud Event Management]
| |
− | * [https://github.com/canada-ca/cloud-guardrails GC Cloud Guardrails]
| |
− | ** GC EARB Guardrails Endorsement (September 19th)
| |
− | ** [https://github.com/canada-ca/cloud-guardrails-azure GC Cloud Guardrails Tools for Azure]
| |
− | ** [https://github.com/canada-ca/cloud-guardrails-aws/tree/master/tools/prowler GC Cloud Guardrails Prowler Checks for AWS]
| |
− | ** [https://github.com/canada-ca/cloud-guardrails-O365 GC Guardrails for MS Office 365]
| |
− | ** [[Media:GC_Cloud_Guardrails_GCEARB_changes_Aug_2020.pdf|GC Cloud Guardrails - Updated Process, Endorsed at GCEARB Aug 2020]]
| |
− | * Canadian Centre for Cyber Security Guidance
| |
− | ** [https://cyber.gc.ca/en/guidance/baseline-security-requirements-network-security-zones-government-canada-itsg-22 CCCS ITSG-22 Baseline Security Requirements for Network Security Zones in the Government of Canada]
| |
− | ** [https://cyber.gc.ca/en/guidance/network-security-zoning-design-considerations-placement-services-within-zones-itsg-38 CCCS ITSG-38 Network Security Zoning - Design Considerations for Placement of Services within Zones]
| |
− | ** [https://cyber.gc.ca/en/guidance/user-authentication-guidance-information-technology-systems-itsp30031-v3 CCCS ITSP.30.031 V2 User Authentication Guidance for Information Technology Systems]
| |
− | ** [https://www.cse-cst.gc.ca/en/node/1830/html/26507 CCCS ITSP.40.062 Guidance on Securely Configuring Network Protocols]
| |
− | ** [https://cyber.gc.ca/en/guidance/cloud-service-provider-information-technology-security-assessment-process-itsm50100 CCCS ITSM.50.100 Cloud Service Provider Information Technology Security Assessment Process]
| |
− | ** [https://cyber.gc.ca/en/publications Canadian Centre for Cyber Security Publications]
| |
− | <!--* [[Media:Data_resdiency_and_amazon_connect.pdf| Data Residency and Amazon Connect]]-->
| |
− | *[https://www.gcpedia.gc.ca/gcwiki/images/c/c5/GC_Zero_Trust_Security_Concept.pdf TBS Zero Trust Initiative]
| |
− | *[https://www.gcpedia.gc.ca/gcwiki/images/7/7c/Considerations_for_Using_Microsoft_Cognitive_Services.pdf Considerations for Using Microsoft Cognitive Services]
| |
− | *[https://github.com/canada-ca/TBS-OCIO-ESP/blob/master/gc_cloud_cost_management_guidance/readme.md GC Cloud Cost Management Playbook]
| |
− | |}
| |
| | | |
| | | |