44
edits
Changes
Jump to navigation
Jump to search
Line 6:
Line 6: − + − + Line 15:
Line 15: − + − + − + − + − * '''Public cloud''' − ** A commercially available offering procured and security-assessed for the use of all government organizations. In this deployment model, the government organizations will securely share tenancy with private companies, non-profits and individuals. <ref name=":0">Government of Canada Cloud Adoption Strategy;https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-computing/government-canada-cloud-adoption-strategy.html</ref> − * '''Private cloud''' − ** A Cloud offering tailored to the Government of Canada (GC). In this deployment model, the GC will be the only tenant residing on the Cloud. Private clouds include both off-premises and on-premises clouds managed by the GC or by a third party. <ref name=":0" /> − * '''Non-cloud''' − ** A traditional IT environment for hosting legacy applications that cannot be deployed to a Cloud environment. <ref name=":0" /> − * '''Hybrid cloud or IT environment''' − ** A combination of the above models. This model takes a pragmatic approach to integrating legacy technology with Cloud technology. <ref name=":0" /> − ''[source: Government of Canada Cloud Adoption Strategy]'' − + + + + + + + + + + + + + + + + + Line 40:
Line 47: − + − * '''Software as a Service (SaaS):''' The Cloud Service Provider hosts and manages software applications and the infrastructure that supports them. Clients can access these applications using devices through a web browser.+ − * '''Platform as a Service (PaaS):''' An environment where the Cloud Service Provider gives users access to infrastructure, services and tools such as programming languages, libraries, where users can create or customize applications.+ − * '''Infrastructure as a Service (IaaS):''' The Cloud Service Provider provides an underlying infrastructure that gives the consumer control over operating systems, storage, and applications. It may also give users limited control of some networking components.+ + − + + + Line 55:
Line 65: − + − + − * '''TBS:''' The Treasury Board of Canada Secretariat is responsible for enterprise strategies, policies, standards, governance and the coordination of supply and demand.+ + + + + + + + − * '''SSC:''' Shared Services Canada is responsible for Cloud service supply, readiness, enablement and standardization. − * '''PSPC:''' As a common service procurement provider, PSPC responds to client department needs by developing procurement tools and procuring solutions on their behalf. − * '''Departments:''' Each department is responsible for choosing and adopting Cloud services. They will lead change activities and analyze application portfolios for opportunities to take advantage of Cloud services. The Treasury Board of Canada Secretariat also has a [[gccollab:file/group/1785962/all#1785965|roles and responsibilities document]]. − + Line 78:
Line 92: − − '''Q:''' What is the Cloud Broker Fee? − − '''A:''' Cloud services are provided based on commercial pricing, as advertised by each of the qualified suppliers. Commercial pricing for unclassified public Cloud services is available through the Cloud Brokering Service. Billing is issued directly to GC departments by the supplier on the services consumed. − − A ten percent (10%) brokering fee, which is not included in the direct billing between the supplier and the GC department, is applied by Shared Services Canada to the value of services consumed. The brokering fee is based on monthly consumption and is retrieved quarterly. − − The brokering fee recovers the cost of the Cloud Brokering Service. Line 105:
Line 111: − + Line 111:
Line 117: − + − + + + + + + − The Government of Canada (GC) has policies in place that enforce where data resides (residency), how it is controlled (sovereignty), and has begun to develop guidelines that detail departments’ accountability for managing services securely.+ − − Cloud service provider infrastructures are assessed by the Canadian Industrial Security Directorate (CISD), Canadian Centre for Cyber Security (Cyber Centre), Cloud Service Provider Assessment Program, and the Cyber Centre/Shared Services Canada Supply Chain Integrity (SCI) processes from the onset as part of the procurement process. − − The GC takes into account industry benchmarks and certifications as part of the requirements that the Cloud service providers must meet (e.g. SOC2 and ISO27000 series). − + + + + + + + + + + + + − '''Q:''' How is the security and confidentiality of data protected?+ − '''A:''' The Government of Canada (GC) works with security partners to ensure that the security and confidentiality of data remain intact. The GC continuously monitors any potential cyber threats and has robust measures in place to address them.+ − To ensure the security of government networks and systems, Shared Services Canada (SSC) and the Canadian Centre for Cyber Security has established a Supply Chain Integrity process, which evaluates the security of goods and services at all stages of the procurement process. This ensures that only trusted equipment, software and managed services are used in the delivery of government services.+ − + − '''Please note:''' The communications between the GC Cloud environments and the GC data and applications hosted in enterprise data centres will be trusted. The SCED perimeter will not be required for securing these communications.+ − − − + Line 150:
Line 166: − + − + − + − + Line 165:
Line 181: − + − + − + Line 175:
Line 191: − + + − + − The brokering fee recovers the cost of Cloud Brokering Service. + − + − '''A:''' The procurement process is nearing completion. As of June 17, the Government of Canada is ready to receive bids from pre-qualified vendors. + − Once the bids are received, they will be evaluated and contract negotiations will take place with pre-qualified vendors. Initial contracts are expected to be issued during summer 2019.+ − PSPC has developed a Supply Arrangement allowing vendors to qualify for the provision of SaaS solutions. Starting from June 17, PSPC is accepting and reviewing submissions and as vendors qualify, client departments can start consuming. + + + + + + + Line 199:
Line 222: − + + − ==== ISSUE ====+ − − + − ==== KEY MESSAGES ====+ + − * As the Government of Canada’s Cloud broker, enabler and service provider, Shared Services Canada: − ** ensures the Cloud solutions are provided from qualified vendors; and − ** provides the network connectivity and security needed to support use of the Cloud. − * As of June 17, the Government of Canada will be ready to receive bids from qualified respondents for '''Protected B''' Cloud services. − * The protection and privacy of Government of Canada data stored and processed in the Cloud is a top priority for Shared Services Canada.+ − − ===== If pressed on the cloud protected B procurement process ===== + − ** SSC’s procurement vehicle supports delivering of their core mandate of network services, compute and storage capabilities and applications related to workplace technologies for GC departments; and+ − ** PSPC’s vehicle will support SaaS requirements, which correspond with the traditional procurement of software applications and associated support.+ + − * As of June 17, the Government of Canada is ready to receive bids qualified respondents for Protected B Cloud services. − * For SSC’s vehicle, once it receives the bids, the Government of Canada will begin contract negotiations with these qualified respondents. − + − ===== If pressed on security =====+ − − + − ===== If pressed on networks =====+ + + − + − ==== SPOKESPERSON ====
→ISSUE
== Frequently Asked Questions (FAQs) ==
== Frequently Asked Questions (FAQs) ==
=== General cloud information ===
=== General ===
'''Q:''' What is Cloud?
'''Q:''' What is Cloud?
'''A:''' Cloud is a network of servers hosted over the Internet that is used to store, manage, and process data and applications in place of local servers or personal computers. Companies offering these services are called Cloud service providers and typically charge for services based on the consumption.
'''A:''' Cloud is a network of servers hosted over the Internet that is used to store, manage, and process data and applications in place of local servers or personal computers. Companies offering these services are called Cloud service providers and typically charge for services based on consumption.
Cloud computing has been around since the late 1990s and continues to be a proven option for hosting data and applications. Cloud services often offer greater flexibility, mobility and efficiency.
Cloud computing has been around since the late 1990s and continues to be a proven option for hosting data and applications. Cloud services often offer greater flexibility, mobility and efficiency.
'''Q:''' What is the Cloud first policy requirement?
'''Q:''' What is the Cloud first policy requirement?
'''A:''' Cloud first is a policy requirement that can be found in section 6.2.6 of the Treasury Board Secretariat of Canada’s [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=12755 Policy on Management of Information Technology].
'''A:''' Cloud first is a policy requirement that can be found in section 6.2.6 of the Treasury Board of Canada Secretariat’s Policy on Management of Information Technology.
It is further elaborated in the [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-computing/government-canada-cloud-adoption-strategy.html Cloud Adoption Strategy] where “'''Cloud first”''' is recommended as the preferred option for delivering IT services.
It is further elaborated in the Cloud Adoption Strategy where “'''Cloud first”''' is recommended as the preferred option for delivering IT services.
This means that Government of Canada departments will prioritize the use of Cloud to store, manage, and process data and applications whenever possible.
This means that Government of Canada departments will prioritize the use of Cloud to store, manage, and process data and applications whenever possible.
'''Q:''' What are the different Cloud option models?
'''Q:''' What are the different Cloud option models?
'''A:''' The Treasury Board of Canada Secretariat offers [https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-computing/government-canada-right-cloud-selection-guidance.html Government of Canada Right Cloud Selection Guidance] to help departments decide which Cloud model is right for them.
'''A:''' The Treasury Board of Canada Secretariat offers Government of Canada Right Cloud Selection Guidance to help departments decide which Cloud model is right for them.
'''Q:''' How many contracts are in place for providing unclassified Cloud?
'''Public Cloud'''
A commercially available offering procured and security-assessed for the use of all government organizations. In this deployment model, the government organizations will securely share tenancy with private companies, non-profits and individuals.
'''Private Cloud'''
A Cloud offering tailored to the Government of Canada (GC). In this deployment model, the GC will be the only tenant residing on the Cloud. Private clouds include both off-premises and on-premises clouds managed by the GC or by a third party.
'''Non-Cloud'''
A traditional IT environment for hosting legacy applications that cannot be deployed to a Cloud environment.
'''Hybrid Cloud or IT environment'''
A combination of the above models. This model takes a pragmatic approach to integrating legacy technology with Cloud technology. <ref>https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-services/government-canada-cloud-adoption-strategy.html</ref>
'''Q: How many contracts are in place for providing unclassified Cloud?'''
'''A:''' The Government of Canada currently has twenty-six contracts in place for commercially available '''unclassified''' Cloud services. They are available through the Cloud Brokering Portal for on-demand consumption and are based on actual usage.
'''A:''' The Government of Canada currently has twenty-six contracts in place for commercially available '''unclassified''' Cloud services. They are available through the Cloud Brokering Portal for on-demand consumption and are based on actual usage.
'''Q:''' What are the different Cloud service models Cloud service providers (CSP) offer?
'''Q:''' What are the different Cloud service models Cloud service providers (CSP) offer?
'''A:'''
'''A: Software as a Service (SaaS):''' The Cloud Service Provider hosts and manages software applications and the infrastructure that supports them. Clients can access these applications using devices through a web browser.
'''Platform as a Service (PaaS):''' An environment where the Cloud Service Provider gives users access to infrastructure, services and tools such as programming languages, libraries, where users can create or customize applications.
'''Infrastructure as a Service (IaaS):''' The Cloud Service Provider provides an underlying infrastructure that gives the consumer control over operating systems, storage, and applications. It may also give users limited control of some networking components.
'''Q:''' How does migration to the Cloud fit within the workload migration process?
'''Q:''' How does migration to the Cloud fit within the workload migration process?
'''A:''' Shared Services Canada is working with Government of Canada departments to migrate their data and applications from aging data centres to modern infrastructures like Cloud and enterprise data centres. With its increased performance, agility and elasticity, Cloud is the technology of choice to attain this goal. [https://www.budget.gc.ca/2018/docs/plan/chap-04-en.html Budget 2018] also refers to Cloud as an option for migrating from legacy, at risk, data centres:
'''A:''' Shared Services Canada is working with Government of Canada departments to migrate their data and applications from aging data centres to modern infrastructures like Cloud and enterprise data centres. With its increased performance, agility and elasticity, Cloud is the technology of choice to attain this goal.
Budget 2018 also refers to Cloud as an option for migrating from legacy, at risk, data centres:
“$110 million over six years, starting in 2018–19, to be accessed by Shared Services Canada’s partner departments and agencies to help them migrate their applications from older data centres into more secure modern data centres or cloud solutions.”
“$110 million over six years, starting in 2018–19, to be accessed by Shared Services Canada’s partner departments and agencies to help them migrate their applications from older data centres into more secure modern data centres or cloud solutions.”
'''A:''' Only Shared Services Canada (SSC) and Public Services and Procurement Canada (PSPC) have the delegated authority to procure cloud services.
'''A:''' Only Shared Services Canada (SSC) and Public Services and Procurement Canada (PSPC) have the delegated authority to procure cloud services.
Each department has a procurement mandate. For instance, SSC’s procurement vehicle supports the delivery of network services, compute and storage capabilities and applications related to workplace technologies for GC departments. PSPC’s vehicle will support Software-as-a-Service requirements, which correspond with the traditional procurement of software applications and associated support.
Each department has a procurement mandate. For instance, SSC’s procurement vehicle supports the delivery of network services, compute and storage capabilities and applications related to workplace technologies for GC departments. PSPC’s vehicle will support Software-as-a-Service requirements, which correspond with the traditional procurement of software applications and associated support.
=== Roles and responsibilities ===
=== Roles and responsibilities ===
'''Q:''' From an enterprise perspective, who is responsible for what?
'''Q:''' From an enterprise perspective, who is responsible for what?
'''A:'''
'''A:''' TBS: The Treasury Board of Canada Secretariat is responsible for enterprise strategies, policies, standards, governance and the coordination of supply and demand.
SSC: Shared Services Canada is responsible for Cloud service supply, readiness, enablement and standardization.
PSPC: As a common service procurement provider, PSPC responds to client department needs by developing procurement tools and procuring solutions on their behalf.
Departments: Each department is responsible for choosing and adopting Cloud services. They will lead change activities and analyze application portfolios for opportunities to take advantage of Cloud services.
The Treasury Board of Canada Secretariat also has a roles and responsibilities document.
'''Q:''' Who determines the prioritization of migration (departments) to the Cloud and how is it being managed?
'''Q:''' Who determines the prioritization of migration (departments) to the Cloud and how is it being managed?
'''A:''' The departmental chief information officers make the choice to use Cloud and set migration priorities, based on a number of criteria.
'''A:''' The departmental chief information officers make the choice to use Cloud and set migration priorities, based on a number of criteria.
=== Cloud client information ===
=== Cloud client information ===
Following a rigorous procurement process, the GC qualified twenty-six suppliers of commercial '''unclassified''' public Cloud services. These services are available to GC departments through the Cloud Brokering Portal.
Following a rigorous procurement process, the GC qualified twenty-six suppliers of commercial '''unclassified''' public Cloud services. These services are available to GC departments through the Cloud Brokering Portal.
'''Q:''' What steps must Government of Canada departments take to adopt Cloud?
'''Q:''' What steps must Government of Canada departments take to adopt Cloud?
'''A:''' Departments determine when Cloud or data centre services are appropriate. This responsibility is embedded in the Policy for the Management of IT. All data having national interest (i.e. PROTECTED C, CONFIDENTIAL, SECRET, TOP SECRET) cannot be deployed to public Cloud. Protected B and unclassified data are deemed appropriate for public Cloud deployment, but departments are ultimately responsible for determining if an Enterprise Data Centre or Cloud services best meets their business requirements.
'''A:''' Departments determine when Cloud or data centre services are appropriate. This responsibility is embedded in the Policy for the Management of IT. All data having national interest (i.e. PROTECTED C, CONFIDENTIAL, SECRET, TOP SECRET) cannot be deployed to public Cloud. Protected B and unclassified data are deemed appropriate for public Cloud deployment, but departments are ultimately responsible for determining if an Enterprise Data Centre or Cloud services best meets their business requirements.
The Treasury Board Secretariat has oversight of that decision, while Shared Services Canada and Public Services and Procurement Canada supply the Cloud services.
The Treasury Board of Canada Secretariat has oversight of that decision, while Shared Services Canada and Public Services and Procurement Canada supply the Cloud services.
The Government of Canada’s Cloud First Policy requires departments to choose public Cloud service as their principal deployment model for IT.
The Government of Canada’s Cloud First Policy requires departments to choose public Cloud service as their principal deployment model for IT.
'''Q:''' How much technical involvement will Shared Services Canada have once the Cloud services have been purchased?
'''Q:''' How much technical involvement will Shared Services Canada have once the Cloud services have been purchased?
'''A:''' The Cloud Adoption Strategy and supporting security guidance place the responsibility of Cloud operations with the Government of Canada departments. SSC will remain involved with networking, security and any other optional services that departments may want SSC to deliver. SSC is working with departments to identify these. In addition, SSC is responsible to provide secure network connectivity to address their responsibility for cloud service readiness.
'''A:''' The Cloud Adoption Strategy and supporting security guidance place the responsibility of Cloud operations with the Government of Canada departments. SSC will remain involved with networking, security and any other optional services that departments may want SSC to deliver. SSC is working with departments to identify these. In addition, SSC is responsible for providing secure network connectivity to address their responsibility for cloud service readiness.
=== Security ===
=== Security ===
'''Q:''' Is my data safe? Can data and applications be securely stored in the Cloud?
'''Q:''' Is my data safe? Can data and applications be securely stored in the Cloud?
'''A:''' Yes. Canadians can rest assured that their data is safe.
'''A:''' Yes, the data is safe in the cloud. The Government of Canada (GC) has put in place a cloud security risk management process which consists of a series of procedures that are implemented by a combination of Cloud Service Provider (CSP) and GC resources. This procedure remains a governmental responsibility and is directly linked to the management of IT security risks. In evaluating CSP solutions, the following exercises are conducted:
# Perform Security Categorization, i.e. what is the level of security required to protect the information
# Select appropriate Security Controls, Cloud Deployment and Service Model
# Assess Cloud Services, implement GC security controls and Authorize operations of the cloud based GC service
# Continuously monitor cloud based GC services and maintain authorization state.
CSPs are selected following a successful security assessment through Canadian Centre for Cyber Security’s Cloud Security Program.
'''Q:''' How is the security and confidentiality of data protected?
The GC will not award contracts unless these requirements are met.
'''A:''' The Government of Canada (GC) has policies in place that enforce where data resides (residency) and how it is controlled (sovereignty). It has also adapted the existing GC risk management approach by incorporating existing risk management processes with cloud standards from:
* The US National Institute of Standards and Technology (NIST)
* The Canadian Centre for Cyber Security (Cyber Centre)
* The Treasury Board of Canada Secretariat (TBS)
The following list of standards were used to develop this new Cloud Security Risk Management approach:
* Cyber Centre information system security risk management guidance, ITSG-33
* NIST’s standards on information system security risk management, which are specified in the Special Publications 800 series
* The NIST cloud computing reference architecture, which is documented in Special Publication 500 292
* The NIST cloud computing security reference architecture, which is documented in Special Publication 500 299
* The Federal Risk and Authorization Management Program (FedRAMP)
* TBS’s Security Risk management approach and procedure
Operating within the cloud, it is still part of the Risk Management framework for the GC to determine the security requirements necessary to protect the information and services.
The GC has created Cloud Security Control Profiles based on the Cyber Centre’s IT Security Risk Management: A Lifecycle Approach (ITSG-33) guidelines to help with Departmental level activities to integrate into the organization’s security program to plan, manage, assess, and improve the management of IT security-related risks the organization faces in the Cloud.
These activities include the execution of information system security engineering, threat and risk assessment, security assessment, and authorization.
The GC takes into account industry benchmarks and certifications in establishing the requirements that the Cloud Service Providers must meet as part of the Security Requirements (e.g. SOC2 and ISO27000 series).
'''Q:''' What is Secure Cloud Enablement and Defence (SCED)?
'''Q:''' What is Secure Cloud Enablement and Defence (SCED)?
'''A:''' Secure Cloud Enablement and Defence (SCED) is an architected security perimeter that will focus on the network connectivity between the Cloud environment and the public Internet. The main purpose of SCED will be to secure Government of Canada (GC) data deployed by GC departments to public Cloud environments.
'''A:''' The Secure Cloud Enablement and Defence (SCED) is the security services implemented by the Government of Canada (GC) to secure the network connectivity between the Cloud environment and the Government of Canada (GC). Protected B Cloud is an approved Cloud solution for use with GC data which has been identified at a Protected B security level.
'''Q:''' What are the timelines for SCED?
'''Q:''' What are the timelines for SCED?
'''A:''' The pilot of Secure Cloud Enablement and Defence (SCED) architecture 1 is being finalized and assessed for Treasury Board of Canada Secretariat and Statistics Canada.
'''A:''' The pilot of Secure Cloud Enablement and Defence (SCED) architecture 1 is being finalized and assessed for Treasury Board of Canada Secretariat and Statistics Canada.
'''Q:''' Who is responsible for IT/IM security?
'''Q:''' Who is responsible for IM/IT security?
'''A:''' Cloud service providers are responsible for the security of the Cloud; the departments are responsible for Security in the Cloud; and Shared Services Canada provides security "to and from" the Cloud.
'''A:''' Cloud service providers are responsible for the security of the Cloud; the departments are responsible for Security in the Cloud; and Shared Services Canada provides security "to and from" the Cloud.
The combination of Treasury Board Secretariat of Canada Cloud directives and the Canadian Centre for Cyber Security Cloud Service Provider (CSP) Assessment Program methodology documentation provide advice and more information.
The combination of Treasury Board Secretariat of Canada Cloud directives and the Canadian Centre for Cyber Security Cloud Service Provider (CSP) Assessment Program methodology documentation provide advice and more information.
'''Q:''' What security certifications do the cloud services hold?
'''Q:''' What security certifications do the Cloud services hold?
'''A:''' At a minimum the Government of Canada (GC) has indicated that Cloud Service Provider’s require up to date industry benchmarks and certifications like SOC2 and ISO27000 series to demonstrate compliance to security requirements. Additional evidence or documentation may also be collected and reviewed as necessary.
'''A:''' At a minimum the Government of Canada (GC) has indicated that Cloud service providers require up-to-date industry benchmarks and certifications like SOC2 and ISO27000 series to demonstrate compliance to security requirements. Additional evidence or documentation may also be collected and reviewed as necessary.
=== Protected B ===
=== Protected B ===
'''Q:''' How many vendors have for qualified Protected B Cloud Services?
'''Q:''' How many vendors have qualified for providing Protected B Cloud Services?
'''A:''' No news is available on this subject until the contract process is complete.
'''A:''' Two vendors have qualified at this time; AWS Canada and Microsoft Azure.
'''Q:''' What is the difference between Protected B Cloud and SCED?
'''Q:''' What is the difference between Protected B Cloud and SCED?
'''Q:''' Are there different types of Protected B (public vs. private)?
'''Q:''' Are there different types of Protected B (public vs. private)?
'''A:''' Yes. The public Protected B Cloud is housed on a public Cloud provider’s infrastructure, while a private Protected B Cloud would be a reserved and segregated working Cloud environment for a single organization.
'''A:''' No, There are not different types of Protected B. Protected B is a GC standard data classification identifier that indicates a level of security required to protect sensitive data.
'''Q:''' What steps do Government of Canada departments need to follow to access Protected B Cloud services?
'''Q:''' What steps do Government of Canada departments need to follow to access Protected B Cloud services?
'''A:''' When the Protected B supply is in place, it will be available through the Cloud Brokering Portal.
'''A:''' When the Protected B supply is in place, it will be available through the Cloud Brokering Portal.
'''Q:''' Does the Cloud Brokering Service function the same way for Protected B?
'''Q:''' Does the Cloud Brokering Service function the same way for Protected B?
'''A:''' Yes.
'''A:''' Yes.
'''Q:''' Is the Cloud brokering fee the same for Protected B?
=== Employees ===
'''Q:''' Will Cloud lead to job loss?
'''A:''' Yes. A ten percent (10%) brokering fee, not included in the direct billing between the supplier and the GC department is applied by Shared Services Canada to the value of services consumed. The brokering fee is based on monthly consumption and is retrieved quarterly.
'''A:''' No. The Government of Canada’s (GC) IT workforce is its most valuable asset when it comes to Cloud adoption. The GC’s ability to adopt Cloud services is directly proportional to the workforce’s ability to adopt modern Cloud skills. Preparing the workforce is a key theme of the GC Cloud Adoption Strategy. New opportunities are being created with emerging roles to manage and consume Cloud services.
'''Q:''' What training is available for employees interested in working on Cloud?
'''Q:''' When will Protected B Cloud services be available?
'''A:''' The Canada School of Public Service, under the Digital Academy, has created programs to increase IT professionals’ skills in Cloud and DevOps.
SSC is also assembling a guide book in relation to the various career paths & training opportunities in relation to SSC Cloud. This information will be made available by: [[Mailto:ssc.ssccloudgovernanceandcm-spcgouvernanceetgcinfonuagique.spc@canada.ca|ssc.ssccloudgovernanceandcm-spcgouvernanceetgcinfonuagique.spc@canada.ca]]
'''Q:''' What is the new information technology (IT) occupational group?
'''A:''' The Treasury Board of Canada Secretariat (TBS) has approved the creation of a new IT group that replaces the Computer Systems (CS) group to better reflect modern professional IT work and the current IT environment.
There is no immediate impact on employees of the CS group. Additional information on the conversion to the IT standard will be shared closer to the effective date, which will be determined following the round of collective bargaining for the renewal of the CS collective agreement that expired December 21, 2018.
'''Q:''' Is the procurement of Protected B Cloud services related to the conversion to the IT occupational group?
'''A:''' No. Both initiatives are separate. SSC is leading the procurement of Protected B Cloud services and TBS is leading the conversion to the new IT occupational group.
=== What’s next? ===
=== What’s next? ===
'''A:''' The SSC Cloud Program office at: [[Mailto:ssc.cloud-infonuagique.spc@canada.ca|ssc.cloud-infonuagique.spc@canada.ca]]
'''A:''' The SSC Cloud Program office at: [[Mailto:ssc.cloud-infonuagique.spc@canada.ca|ssc.cloud-infonuagique.spc@canada.ca]]
The Treasury Board of Canada Secretariat website at: <nowiki>https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-services.html</nowiki><references />
The Treasury Board of Canada Secretariat website at: <nowiki>https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/cloud-services.html</nowiki> <references />
== Anticipatory Media Lines ==
== Anticipatory Media Lines ==
=== Protected B Public Cloud Services Procurement ===
=== Protected B Public Cloud Services Procurement ===
'''ISSUE'''
In 2018, Government of Canada updated its Cloud Adoption Strategy to draw its vision and commitment to adopting Cloud-based solutions, in particular in the area of the public cloud deployment and software-as-a-service (SaaS).
In 2018, Government of Canada updated its Cloud Adoption Strategy to draw its vision and commitment to adopting Cloud based solutions, in particular in the area of the public cloud deployment and software-as-a-service (SaaS).
In February 2018, the Government of Canada awarded twenty-six contracts for commercially available '''unclassified''' Cloud services. These contracts make these services available on demand through the Cloud Brokering Portal, with costs based on actual usage.
In February 2018, the Government of Canada awarded twenty-six contracts for commercially available '''unclassified''' Cloud services. These contracts make these services available on demand through the Cloud Brokering Portal, with costs based on actual usage.
On September 7, 2018, Shared Services Canada (SSC) posted an Invitation to Qualify (ITQ) for Protected B Public Cloud Services on buysandsell.gc.ca. This new procurement process will expand the range of Cloud services available to help departments manage their data and application workloads. As of June 17, the Government of Canada will be ready to receive bids from ITQ qualified respondents for '''Protected B''' Cloud services.
On September 7, 2018, Shared Services Canada (SSC) posted an Invitation to Qualify (ITQ) for Protected B Public Cloud Services on buysandsell.gc.ca. This new procurement process will expand the range of Cloud services available to help departments manage their data and application workloads. In August 2019, the Government of Canada signed the first two contracts '''Protected B''' Cloud services with AWS Canada and Microsoft Azure.
'''KEY MESSAGES'''
* The protection and privacy of Government of Canada data stored and processed in the Cloud is a top priority for the Government of Canada.
* The Government of Canada must be capable of delivering a range of digital services, at various security levels, to meet the needs of Canadians.
* The Government of Canada must be capable of delivering a range of digital services, at various security levels, to meet the needs of Canadians.
* Protected B Cloud services will respond to the increasing demand for options that enable departments to securely store data and applications in Canada.
* Protected B Cloud services will respond to the increasing demand for options that enable departments to securely store data and applications in Canada.
* Choosing Protected B vendors will expand the range of cloud services available to departments so they can manage their data and applications.
* Choosing Protected B vendors will expand the range of cloud services available to departments so they can manage their data and applications.
'''If pressed on the cloud protected B procurement process'''
* Shared Services Canada posted the Invitation to Qualify on September 7, 2018. This was the first phase of the procurement process to find qualified suppliers with experience in delivering cloud services at various security levels.
* Shared Services Canada posted the Invitation to Qualify on September 7, 2018. This was the first phase of the procurement process to find qualified suppliers with experience in delivering cloud services at various security levels.
* Public Services and Procurement Canada (PSPC) has developed a Supply Arrangement allowing vendors to qualify for the provision of SaaS solutions. Starting from June 17, PSPC is accepting and reviewing submissions and as vendors qualify, client departments can start consuming.
* The scope of each process aligns with the procurement mandates of each department. For instance:
* The scope of each process aligns with the procurement mandates of each department. For instance:
* SSC’s procurement vehicle supports delivering of their core mandate of network services, compute and storage capabilities and applications related to workplace technologies for GC departments; and
* PSPC’s vehicle will support SaaS requirements, which correspond with the traditional procurement of software applications and associated support.
* Shared Services Canada and PSPC work with industry stakeholders to ensure open, fair and transparent procurement processes.
* Shared Services Canada and PSPC work with industry stakeholders to ensure open, fair and transparent procurement processes.
* As of August 8, 2019, Shared Services Canada has signed Cloud Framework Agreements with AWS Canada and Microsoft Azure.
* Building on lessons learned from procuring unclassified Cloud services, Shared Services Canada and PSPC are using a multi-phased procurement process that works with industry to define and develop service requirements.
* Building on lessons learned from procuring unclassified Cloud services, Shared Services Canada and PSPC are using a multi-phased procurement process that works with industry to define and develop service requirements.
* When the procurement process is complete, partner departments will have access to Protected B Cloud services through the Cloud Brokering Portal.
* When the procurement process is complete, partner departments will have access to Protected B Cloud services through the Cloud Brokering Portal.
* PSPC’s RFSA is posted continuously to enable suppliers to qualify on an ongoing basis.
* PSPC’s RFSA is posted continuously to enable suppliers to qualify on an ongoing basis.
'''If pressed on security'''
* Shared Services Canada and PSPC work with security partners to ensure its service offerings meet specified Government of Canada security requirements to mitigate to the confidentiality, integrity and availability of data and business processes.
* Shared Services Canada and PSPC work with security partners to ensure its service offerings meet specified Government of Canada security requirements to mitigate to the confidentiality, integrity and availability of data and business processes.
* Shared Services Canada monitors compliance to Government of Canada-specified security requirements to ensure they remain in place.
* Shared Services Canada monitors compliance to Government of Canada-specified security requirements to ensure they remain in place.
* Canadians can rest assured that their data is safe in the Cloud.
* The Government of Canada has policies in place that enforce where data resides (residency), how it is controlled (sovereignty).
* The Government of Canada will not award contracts unless all of the security requirements are met.
'''If pressed on networks'''
* Shared Services Canada is focusing on the network connectivity to increase reliability and capacity for access to cloud services.
* Shared Services Canada is focusing on the network connectivity to increase reliability and capacity for access to cloud services.
'''SPOKESPERSON'''
* Media Relations Office, 613-670-1626
* Media Relations Office, 613-670-1626
