|
|
| Line 19: |
Line 19: |
| | ! style="background: #c2c2fa; color: black" width="16%" scope="col" | [[Other Resources]] | | ! style="background: #c2c2fa; color: black" width="16%" scope="col" | [[Other Resources]] |
| | |} </div></div> | | |} </div></div> |
| − | | + | {{Delete|reason=Expired Content}} |
| − | {{TOCright}} | |
| − | | |
| − | == GC ESA Artifacts ==
| |
| − | [[Media:GC ESA Program Charter.pdf|GC ESA Program Charter]] -- [[ESA Program Charter|<u>'''Synopsis'''</u>]] // [[Media:Charte du programme.pdf| Charte du programme de l'ASI du GC]]
| |
| − | | |
| − | [[Media: GC ESA Program Implementation Framework.pdf|GC ESA Program Implementation Framework]] -- [[ESA Program Implementation Framework|<u>'''Synopsis'''</u>]]
| |
| − | | |
| − | [[Media:GC ESA Framework.pdf|GC ESA Framework]] -- [[ESA Framework|<u>'''Synopsis'''</u>]]
| |
| − | | |
| − | [[Media:GC ESA Backgrounder.pdf|GC ESA Backgrounder]] -- [[ESA Backgrounder (Strategy)|<u>'''Synopsis'''</u>]]
| |
| − | | |
| − | [[Media:GC ESA Vision and Strategy.pdf|GC ESA Vision and Strategy]]
| |
| − | | |
| − | [[Media:GC ESA Enterprise Threat Assessment for Executives.pdf|GC ESA Enterprise Threat Assessment - January 2017 Update]]
| |
| − | | |
| − | [[Media:GC ESA Requirements Database Overview.pdf|GC ESA Requirements Database Overview]]
| |
| − | | |
| − | [[Media:GC ESA Architectural Needs Report.xlsx|GC ESA Architectural Needs]]
| |
| − | | |
| − | GC ESA System Requirements Traceability Matrix
| |
| − | | |
| − | GC ESA Security Controls Mapping Matrix
| |
| − | | |
| − | [[Media:Mobile Device Security Considerations Discussion Paper.pdf|Mobile Device Security Considerations Discussion Paper]]
| |
| − | | |
| − | [[Media:GC ESA - PALL-PBMM Security Control Profile Analysis.pdf|GC ESA PALL-PBMM Security Control Profile Analysis]]
| |
| − | | |
| − | [[Media:GC ESA Security Guide for Installation of Interconnections.docx|GC ESA Security Guide for Installation of Interconnections]]
| |
| − | | |
| − | === ''GC ESA Concept of Operations'' ===
| |
| − | [[Media:GC Enterprise Security ConOps.pdf|GC ESA ConOps Main Body]] -- '''[[ESA Security ConOps|<u>Synopsis</u>]]'''
| |
| − | | |
| − | [[Media:GC Enterprise Security ConOps - ANNEX A DLP.pdf|GC ESA ConOps Annex A: Data Loss Prevention]] -- '''<u>[[Annex A: Data Loss Prevention|Synopsis]]</u>'''
| |
| − | | |
| − | [[Media:GC Enterprise Security ConOps - ANNEX B Cloud Security.pdf|GC ESA ConOps Annex B: Cloud Security]] -- '''<u>[[Annex B: Cloud Security|Synopsis]]</u>'''
| |
| − | | |
| − | [[Media:GC ESA ConOps - ANNEX C Secure Enterprise Application Delivery.pdf|GC ESA ConOps Annex C: Secure Enterprise Application Delivery]] -- '''<u>[[Annex C: Secure Enterprise Application Delivery|Synopsis]]</u>'''
| |
| − | | |
| − | [[Media:GC ESA ConOps - ANNEX D Secure Enterprise Systems Administration.pdf|GC ESA ConOps Annex D: Secure Enterprise Systems Administration]] -- '''<u>[[Annex D: Secure Enterprise Systems Administration|Synopsis]]</u>'''
| |
| − | | |
| − | [[Media:GC ESA ConOps - ANNEX E GC Enterprise VMS.pdf|GC ESA ConOps Annex E: Vulnerability Management System]] -- '''<u>[[Annex E: Vulnerability Management System|Synopsis]]</u>'''
| |
| − | | |
| − | ===''GC ESA Description Documents'' ===
| |
| − | [[Media:GC ESA Description Document (ESADD) - Main Body.pdf|GC ESA Description Document Main Body]] -- [[ESA Architecture Description Document (ESADD)|<u>'''Synopsis'''</u>]]
| |
| − | | |
| − | [[Media:GC ESA Description Document (ESADD) - ANNEX A END.pdf|GC ESA Description Document Annex A - Endpoint Security (END)]] -- <u>'''[[Annex A: Endpoint Security|Synopsis]]'''</u>
| |
| − | | |
| − | [[Media:GC ESA Description Document (ESADD) - ANNEX B DAT.pdf|GC ESA Description Document Annex B - Data Security (DAT)]] -- <u>'''[[Annex B: Data Security|Synopsis]]'''</u>
| |
| − | | |
| − | [[Media:GC ESA Description Document (ESADD) - ANNEX C NCS.pdf|GC ESA Description Document Annex C - Network and Communications Security (NCS)]] -- <u>'''[[Annex C: Network and Communications Security|Synopsis]]'''</u>
| |
| − | | |
| − | [[Media:GC ESA Description Document (ESADD) - ANNEX D OPS.pdf|GC ESA Description Document Annex D - Security Operations (OPS)]]
| |
| − | | |
| − | [[Media:GC ESA Description Document (ESADD) - ANNEX E APP.pdf|GC ESA Description Document Annex E - Application Security (APP)]]
| |
| − | | |
| − | [[Media:GC ESA Description Document (ESADD) - ANNEX F CSS.pdf|GC ESA Description Document Annex F - Compute and Storage Services Security (CSS)]]
| |
| − | | |
| − | === ''GC ESA Pattern Diagrams & Use Cases'' ===
| |
| − | [[Endpoint Security|GC ESA END Pattern Diagrams and Use Cases]]
| |
| − | | |
| − | [[Data Security|GC ESA DAT Pattern Diagrams and Use Cases]]
| |
| − | | |
| − | [[Network and Communications Security|GC ESA NCS Pattern Diagrams and Use Cases]]
| |
| − | | |
| − | [[Security Operations|GC ESA OPS Pattern Diagrams and Use Cases]]
| |
| − | | |
| − | [[Application Security|GC ESA APP Pattern Diagrams and Use Cases]]
| |
| − | | |
| − | [[Compute and Storage Services Security|GC ESA CSS Pattern Diagrams and Use Cases]]
| |
| − | | |
| − | == GC ESA Initiatives ==
| |
| − | | |
| − | '''Cloud Security'''
| |
| − | <br>
| |
| − | [[Media:GC Cloud Security Risk Management Approach and Procedures - EN.pdf|GC Cloud Security Risk Management Approach and Procedures]] // [[Media:Approche et procédures de gestion des risques liés à la sécurité de l’informatique en nuage - FR.pdf|Approche et procédures de gestion de risque de la sécurité de l’informatique en nuage]]
| |
| − | [[Media:GC Cloud Profile PBMM - EN.pdf|GC Security Control Profile for Cloud-Based GC IT Services (PB/M/M) (Version 1.1, March 2018)]] // [[Media:GC Cloud Profile PBMM - FR.pdf|Profil de contrôle de sécurité pour les services de la TI du GC fondés sur l’informatique en nuage (PB/M/M) (Version 1.1, mars 2018)]]
| |
| − | * [[Media:GC Cloud Security Controls v1.1.xls|Version 1.1 - Appendix A Matrix (Excel)]]
| |
| − | * [[Media:GC Cloud Profile PBMM v1.1 - EN (Track Changes).pdf|Track Changes Version 1.1]]
| |
| − | **''Archived Versions''
| |
| − | *** [[Media:GC Cloud Profile PBMM v1.0 - EN.pdf|GC Security Control Profile for Cloud-based GC IT Services (PB/M/M) (Version 1.0, Feb 2017)]] // [[Media:GC Cloud Profile PBMM v1.0 - FR.pdf|Profil de contrôle de sécurité pour les services de la TI du GC fondés sur l’informatique en nuage (PB/M/M) (Version 1.0, fev 2017)]]
| |
| − | ***[[Media:GC Cloud Security Controls v1.0.xls|Version 1.0 - Appendix A Matrix (Excel)]]
| |
| − | ***[[Media:GC Cloud Profile PBMM v1.0 - EN (Track Changes).pdf|Track Changes Version 1.0]]
| |
| − | [[Media:GC Cloud Tiered Assurance Model.xlsx|GC Cloud Tiered Assurance Model]]<br>
| |
| − | [[Media:GC SaaS Assessment Tool.xlsx|GC SaaS Assessment Tool]]<br>
| |
| − | [[Media:GC Enterprise Hybrid Cloud High-Level Design.pdf|GC Enterprise Hybrid Cloud High-Level Design]]
| |
| − | <br>
| |
| − | [[Media:Considerations for Use of Cryptography in Cloud.pdf|Considerations for the Use of Cryptography in Cloud]] //
| |
| − | [[Media:Considérations relatives à l’utilisation de la cryptographie dans les services d’informatique en nuage commerciaux.pdf|Considérations relatives à l’utilisation de la cryptographie dans les services d’informatique en nuage commerciaux]]
| |
| − | <br>
| |
| − | [[Media:GC ESA Security Design Patterns for SaaS-based Solutions.pdf|GC ESA SaaS Design Patterns]]
| |
| − | *[[Media:Baseline controls for SaaS Solutions.xlsx|Baseline controls for SaaS Solutions]]
| |
| − | [[Media:GC Secure Cloud Connectivity Requirements.pdf|GC Secure Cloud Connectivity Requirements]]
| |
| − | * [[Media:GC Cloud Access Use Cases.xlsx|GC Cloud Access Use Cases]]
| |
| − | * [[Media:GC Cloud Connection Patterns.pdf|GC Connection Patterns]]
| |
| − | [[Media:GC Cloud Guardrails.pdf|<nowiki/>]][[Media:GC Cloud Guardrails.pdf|GC Cloud Guardrails]]
| |
| − | *[https://www.gcpedia.gc.ca/gcwiki/images/e/ed/GC_Cloud_Guardrails.xlsx GC Cloud Guardrails - Initial 30 Days (Scope is security of the cloud tenant)]
| |
| − | *[[Media:SOP for Validating Cloud Guardrails.pdf|<nowiki/>]][[Media:SOP for Validating Cloud Guardrails.pdf|Standard Operating Procedure for Validating Cloud Guardrails]]
| |
| − | *[https://canada-ca.github.io/cloud-guardrails-O365 GC Cloud Guardrails for Office 365]
| |
| − | *[[Media:Office 365 Security Baseline Configuration.xlsx|Office 365 Security Baseline Configuration]] **Version 1.6 update**
| |
| − | *[[Media:GC Departmental Domains.xlsx|GC Departmental Domains - External Access Configuration]]
| |
| − | [[Media:Considerations for Enabling Collaboration in MS Teams.pdf|Considerations for Enabling Collaboration in MS Teams]] / [[Media:Considérations pour faciliter la collaboration dans Microsoft Teams.pdf|Considérations pour faciliter la collaboration dans Microsoft Teams]]
| |
| − | | |
| − | [[Media:Considerations for Using Microsoft Cognitive Services.pdf|Considerations for Using Microsoft Cognitive Services]] / [[Media:Considérations liées à l’utilisation de Microsoft Cognitive Services.pdf|Considérations liées à l’utilisation de Microsoft Cognitive Services]]
| |
| − | <br>
| |
| − | [[Media:GC Cloud Enablement - The Building Blocks.pptx|GC Cloud Enablement - The Building Blocks]] / [[Media:Les éléments de base pour les solutions infonuagiques du GC.pptx|Les éléments de base pour les solutions infonuagiques du GC]]
| |
| − | <br>
| |
| − | <br>
| |
| − | <br>
| |
| − | '''Application Security'''
| |
| − | <br> [[Media:GC DevSecOps Conceptual Framework.pdf|GC DevSecOps Conceptual Framework]]
| |
| − | <br> [[Media:Guidance for Software Assurance.pdf|DRAFT Guidance on Software Assurance]]
| |
| − | <br> [[Media:Guidance for Secure Application Development.pdf|DRAFT Guidance for Secure Application Development]]
| |
| − | <br> [[Media:Guidance for Secure Containers and Microservices.pdf|DRAFT Guidance for Secure Containers and Microservices]]
| |
| − | <br> [[Media:Security Controls Mapping to Docker and Kubernetes.xlsx|DRAFT Security Controls Mapping to Docker and Kubernetes]]
| |
| − | <br>[[Media:Application Security Training.pdf|Application Security Training - Sept 2018]]<br>
| |
| − | <br>
| |
| − | '''Data Loss Prevention'''
| |
| − | <br> [[Media:GC Enterprise DLP HLD.pdf|GC ESA Data Loss Prevention High-Level Design]]
| |
| − | <br> [[Media:GC Enterprise DLP Implementation Strategy.pdf|GC Enterprise Data Loss Prevention Implementation Strategy]]
| |
| − | <br> [[Media:DRAFT for Discussion - GC Data Protection Strategy - DLP Initiative.pdf|DRAFT GC ESA Data Protection Strategy - DLP Initiative Presentation]]
| |
| − | <br>
| |
| − | <br> '''Vulnerability Management System'''
| |
| − | <br> [[Media:GC Enterprise VMS HLD.pdf|GC ESA Vulnerability Management System High-Level Design]]
| |
| − | <br> [[Media:Overview of Vulnerability Disclosure for the GC.pdf|Overview of Vulnerability Disclosure for the GC]]
| |
| − | <br> [[Media:Vulnerability Disclosure Program for the GC - Recommendations Report.pdf|Vulnerability Disclosure Program for the GC - Recommendations Report]]
| |
| − | <br> [[Media:Vulnerability Disclosure Policy Template.pdf|Vulnerability Disclosure Policy Template]]
| |
| − | <br>
| |
| − | <br> '''GC Trusted Interconnection Points (GC-TIP)'''
| |
| − | <br> [[Media:GC Trusted Interconnection Points (GC-TIP) Concept.pdf|GC Trusted Interconnection Points (GC-TIP) Concept]]
| |
| − | <br>
| |
| − | <br> '''GC Endpoint Visibility and Awareness (EVA)'''
| |
| − | <br> [[Media:GC Endpoint Visibility and Awareness (EVA) Concept.pdf|GC Endpoint Visibility and Awareness (EVA) Concept]]
| |
| − | <br>
| |
| − | <br> '''GC Zero Trust Security (ZTS)'''
| |
| − | <br> [[Media:GC Zero Trust Security Concept.pdf|GC Zero Trust Security (ZTS) Concept]]
| |
| − | <br> [[Media:GC Zero Trust Reference Architecture.pdf|DRAFT GC Zero Trust Security Reference Architecture]]
| |
| − | <br>
| |
| − | <br> '''GC Enterprise Continuous Monitoring'''
| |
| − | <br> [[Media:GC Enterprise Information Security Continuous Monitoring Concept Paper.pdf|DRAFT GC Enterprise Information Security Continuous Monitoring Concept]]
| |
| − | <br>
| |
| − | <br>
| |
| − | '''Identity, Credential, and Access Management'''
| |
| − | <br>[https://github.com/canada-ca/CATS-STAE Cyber Authentication Technology Solutions (CATS) specifications (2.0 and draft 3.0)]<br>[https://github.com/canada-ca/CATS-STAE/tree/develop/Social DRAFT Social Media Login Guidance]
| |
| − | <br>[[Media:GC Cloud Authentication Guidance.pdf|''GC Cloud Authentication Guidance'']]
| |
| − | <br>[[Media:Recommendations for 2FA within the GC Enterprise Domain.pdf|Recommendations for Two-Factor Authentication within the GC Enterprise Domain]]
| |
| − | <br>[[Media:GC MFA Strategy.pdf|<nowiki/>]][[Media:GC MFA Strategy.pdf|GC Multi-Factor Authentication (MFA) Strategy Paper]]
| |
| − | | |
| − | '''Password Guidance'''<br>[https://www.canada.ca/en/government/system/digital-government/online-security-privacy/password-guidance.html GC Password Guidance]
| |
| − | <br>[[Media:Implementation Strategy for GC Password Guidance.pdf|DRAFT Implementation Strategy for GC Password Guidance]]
| |
| − | <br>[[Media:GC password manager guidance v0.4 27Jan 20.docx|<nowiki/>]][https://www.gcpedia.gc.ca/gcwiki/images/b/bd/GC_Password_Manager_Guidance_%28July_2020%29.pdf GC Password Manager Guidance]
| |
| − | [https://www.gcpedia.gc.ca/gcwiki/images/b/bd/GC_Password_Manager_Guidance_%28July_2020%29.pdf <br>][https://www.gcpedia.gc.ca/gcwiki/images/d/dd/Generic-BRD-Active-Directory-Passphrase-Compatibility-Tools.xlsm Generic BRD for AD Passphrase Compatibility Tools]
| |
| − | | |
| − | <br>
| |
| − | | |
| − | == Guidance ==
| |
| − | <br>
| |
| − | [https://www.gcpedia.gc.ca/wiki/SPIN_2015-01 SPIN-2015 Priority IT Actions]
| |
| − | <br> [https://www.gcpedia.gc.ca/wiki/SPIN_2015-01_Follow-Up_Activities SPIN-2015 Follow-up Activities]
| |
| − | <br>
| |
| − | [[Media:Guidance for the Secure Use of Collaboration Tools.pdf|Guidance for the Secure Use of Collaboration Tools]] / [[Media:Orientation sur la facilitation de l’accès aux services Web.pdf|Orientation sur la facilitation de l’accès aux services Web]] <br>
| |
| − | | |
| − | [[Media:Availability by Design Position Paper.pdf|DRAFT Availability by Design Position Paper]]<br>
| |
| − | | |
| − | [[Media:Rationale for the Protection Against Exploits of Shared Resources.pdf|Rationale for the Protection Against Exploits of Shared Resources]] *DRAFT*<br>
| |
| − | | |
| − | [[Media:ITSG-33 Primer for IT Projects.pdf|ITSG-33 Primer for IT Projects]]
| |
| − | <br>
| |
| − | [[Media:GC Event Logging Guidance.pdf|GC Event Logging Guidance]]
| |
| − | <br>
| |
| − | [[Media:GC Patch Management Guidance.pdf|GC Patch Management Guidance]]
| |
| − | <br>
| |
| − | [[Media:Security Playbook for Information System Solutions.pdf|Security Playbook for Information System Solutions]]
| |
| − | *[[Media:Baseline security controls for applications.xlsx|Baseline security controls for applications - Version 1.0 - Appendix A Matrix (Excel)]]
| |
| − | [[Media:Ransomware FAQ.pdf|Ransomware FAQ]]
| |
| − | <br>
| |
| − | [[Media:Considerations for GC Communication Technologies.pdf|Considerations for GC Communication Technologies]] / [[Media:Considérations liées aux technologies des communications du GC.pdf|Considérations liées aux technologies des communications du GC]]
| |
| − | <br>
| |
| − | | |
| − | == Security Control Profiles ==
| |
| − | [[Media:HR Services Security Control Profile.zip|Security Control Profile for Human Resources Services]]
| |
| − | <br>
| |
| − | [[Media:FM Services Security Control Profile.zip|Security Control Profile for Financial and Material Management Resources Services]]
| |
| − | <br>
| |
| − | [[Media:IM Services Security Control Profile.zip|Security Control Profile for Information Management Services]]
| |
| − | <br>
| |
| − | | |
| − | | |
| − | == Standard Operating Procedures ==
| |
| − | [[Media:Guideline for Authorization of Enterprise Systems.pdf|Guideline for Authorization of Enterprise Systems]]
| |
| − | <br>[[Media:GC Cloud Event Management Standard Operating Procedure.pdf|GC Cloud Event Management Standard Operating Procedure]]
| |
| − | <br>[[Media:Exception Request for Inverse Split Tunneling Allow List.xlsx|Exception Process for Inverse Split Tunneling Allow List]] / [[Media:Demande d’exception visant une mise sur liste blanche de la segmentation du tunnel inverse.xlsx|Demande d’exception visant une mise sur liste autoriser de la segmentation du tunnel inverse]]
| |
| − | <br>[[Media:Netlogon Remediation Procedure.docx|Netlogon Remediation Procedure]] / [[Media:Netlogon Remediation Procedure-FR.docx|Procédure de correction pour Netlogon]]
| |
| − | | |
| − | == Tools ==
| |
| − | [[Media:GC ESA Tools Report.pdf|GC ESA Tools Report]]
| |
| − | | |
| − | [[Media:Tool-Security Categorization.zip|Security Categorization Tool (incl. Manual & Example)]]
| |
| − | | |
| − | [[Media:Tool-Business Needs for Security.zip|Business Needs for Security Tool (incl. User Manual)]]
| |
| − | | |
| − | [[Media:Tool-Threat Assessment.zip|Threat Assessment Tool (incl. Manual & Example)]]
| |
| − | | |
| − | <br>
| |
| − | | |
| − | == Templates ==
| |
| − | [[Media: ITSG-33 Controls Template.vsd|ITSG-33 Controls Template (.VSD)]]
| |
| − | | |
| − | [[Media:GC ESA Concept of Operations (ConOps) Template.docx|Concept of Operations (ConOps) Template]]
| |
| − | | |
| − | [[Media:GC ESA System Concept (SysCon) Document Template.docx|System Operational Concept (SysCon) Template]]
| |
| − | | |
| − | [[Media:GC ESA Guide for ConOps and SysCon Document Templates.pdf|GC ESA Guide for ConOps and SysCon Document Templates]]
| |
| − | | |
| − | [[Media:Comments Template.xlsx|Comments Template]]
| |
| − | | |
| − | <br>
| |
| − | | |
| − | == Presentations ==
| |
| − | [[Media: Introduction to Enterprise Security Architecture (GC Security Summit 2014).pptx|Introduction to Enterprise Security Architecture (GC Security Summit 2014)]]
| |
| − | | |
| − | [[Media: Introduction au Programme d’architecture de sécurité intégrée du GC (Sommet sur la sécurité GC 2014).pptx|Introduction au Programme d’architecture de sécurité intégrée du GC (Sommet sur la sécurité GC 2014)]]
| |
| − | | |
| − | <br>
| |
| − | | |
| − | == GC ESA Help Page ==
| |
| − | [[GC ESA Help Page|Click Here to Learn How to Edit the ESA Portal]]
| |
| − | | |
| − | [[Category:Government of Canada Enterprise Security Architecture (ESA) Program]]
| |
| − | [[Category:Enterprise Security Architecture]]
| |
| − | [[Category:GC Enterprise Architecture]]
| |
