Remote-access Guide

government of canada secure remote access

by Frida Jacobs Published 2 years ago Updated 2 years ago
image

Government of Canada Secure Remote Access (GCSRA): Using a department-issued laptop or tablet, you can connect to the Justice network using the Cisco AnyConnect VPN software and your MyKey. Instructions on how to use GCSRA and other help resources are available offline in a folder on your desktop called GCSRA-ADPGC.

Full Answer

How is the government of Canada supporting remote work?

The Treasury Board of Canada Secretariat, Shared Services Canada, departmental Chief Information Officers and Chief Security Officers are working together to support remote work. You should consider when and how you use the network. Each department may have different advice and directives about how to use technology.

What are remote access services?

Remote Access Services provide secure, cost-effective ways for mobile workers, telecommuters, and non-government customers on external networks to access the Shared Provincial Access Network for British Columbia (SPAN/BC).

What does remote access mean for GC?

In this context, remote access is defined as any connection where a user is not directly connected to a GC network using traditional wired infrastructure or using a Wi-Fi service with direct corporate network access. New technologies such as 5G and Wi-Fi 6 will change the users’ “last-mile” services in the medium term.

What is remote access services (VPN)?

Guidelines Remote Access Services User Guide VIRTUAL PRIVATE NETWORK (VPN) OVERVIEW Remote Access Services provide secure, cost-effective ways for mobile workers, telecommuters, and non-government customers on external networks to access the Shared Provincial Access Network for British Columbia (SPAN/BC).

image

When working remotely, should you not connect personal devices?

when working remotely, you should not connect personal devices (for example, USB drive, printer, etc.) to your Government-issued device. when transmitting Protected A and Protected B information, use Government-approved services. store Protected A and Protected B information in your department’s official repository (for example, ...

What does "protected C" mean?

“Protected C”, “Confidential”, “Secret”, and “Top Secret” indicate very sensitive information. This could include information whose compromise could lead to loss of life, serious impediment to the economy, or disruption of critical infrastructure.

How to store sensitive documents?

store sensitive documents at home as securely as possible but separate from your personal and family files. if you have a secure briefcase issued by your department, keep documents locked in it and stored discretely. destroy sensitive documents at the office using an approved shredder.

What is non sensitive information?

Non-sensitive information: Unclassified. “Unclassified” or a lack of security marking denotes non-sensitive information. This is information that, if released to the public, carries no injury to personal, industry, or government interests. you don’t need to do anything special to protect this information.

Where is the security marking on an email?

pay attention to security markings, typically found at the beginning of an email or top-right corner of a document. if you are the information originator, it is your responsibility to apply a security marking that reflects the information’s sensitivity/business value correctly.

Gateway to a mobile workforce

One of the tools that makes it possible for our employees to work from anywhere is the “Always on” Virtual Private Network (VPN), which is offered through SSC’s Government of Canada Secure Remote Access (GCSRA) service. A VPN is a gateway to the Internet and an employee’s work files and emails (the SSC network).

Special circumstances

There can be times when our employees have no choice but to work from home or another location due to special circumstances like extreme weather or building closures. Having tools like GCSRA puts the safety of our people first while meeting our customers’ needs.

What is remote access?

In this context, remote access is defined as any connection where a user is not directly connected to a GC network using traditional wired infrastructure or using a Wi-Fi service with direct corporate network access.

What is SSC in Canada?

SSC provides a range of services to Government of Canada departments and agencies. The organization plays a key role in the GC’s ability to deliver a secure digital network that enables a positive user experience. The table below lists the key drivers for a modern network and security strategy that supports the emerging demands of digital government. While all are critical, there is no specific order for prioritization, dependencies or implementation sequencing. Some drivers are more relevant to SSC, some more so to GC, and the distinction is indicated in brackets with the Business Driver.

What is the purpose of the SSC 3.0 document?

The purpose of this document is to expand on the SSC Future Network and Security Vision, which establishes the future vision for SSC , essentially outlining the integration of SDI and ZTA. This document will attempt to elaborate on that premise, and consider the strategy and roadmap that SSC should undertake to uplift network and security services, address emerging technology and security trends, and operationalize the principles outlined in SSC 3.0.

What is identity and access control?

Identity and access control refers to the authentication and authorization required for users and devices to interact with, and connect to, GC technology resources. Identity and access control will integrate with ZTA to fundamentally change how platforms and data are secured. In the ZTA model, everyone is viewed as a threat unless proven otherwise. The core benefit of this framework is that it enables organizations to secure internal and external users across the network. The complexity is that this model requires SSC to fundamentally redesign the core network and technology components and consolidate the identity services within GC networks with the objective of moving to a single identity for employees and another for external users.

How many users does the GC network have?

The GC network includes approximately 50 logical networks, spanning approximately 4,000 sites and approximately 5,000 buildings. It reaches over 400,000 users in Canada and around the world. Predictably, this network includes many diverse physical devices, vendors, and different levels of integration. Configurations have been primarily done manually, by system engineers and operators within SSC and within other departments, which can lead to inconsistencies in the configurations. This lack of consistency has led to manageability challenges, reduced reliability and higher operational overhead. Changes to network and security infrastructure and software are slow and expensive, often requiring replacement of incorrectly sized hardware as well as rework for lack of alignment with a long-term vision. Adjusting current network technology and topology to accommodate the demand of agility and flexibility by modern multi-cloud-based services is also unmanageable. There are also costs associated with these inefficiencies:

What is SD-LAN in office?

SD-LAN defines how offices (vs individuals) will connect with the future-state local network. Technologies such as Wi-Fi 6 and 5G will provide an opportunity to modernize and enhance the user experience as they are leveraged as a more flexible means of connectivity. Edge Network—Office/Building Services include considerations for connecting end-user devices to the network through Wi-Fi/Wi-Fi 6 and 5G. While the strategy/approach of “wireless first” will simplify user connectivity, reduce fit-up costs and enhance user experience, some devices (for example, printers and videoconference stations) are not practical for wireless connectivity. This approach will also accommodate more predictability in the traffic routing to/from these devices, providing traffic optimization.

How does a GC work?

The GC has traditionally applied the castle-and-moat approach to access control, aimed at securing the perimeter by authenticating and granting access to authorized users at secure entry-points. Networks have expanded to include a vast number of end points and adversaries continue to find new ways to circumvent perimeter security. This is further complicated by the growing adoption of mobile technologies that enable a remote workforce and the use of outsourced services. The GC has traditionally mitigated these threats by establishing network zones and deploying an increased number of firewalls to filter network access. However, this approach has become cumbersome and costly as firewall rulesets must be continually adjusted to account for both new threats and new authorized traffic.

Why is working remotely important?

Maintaining your well-being. While there may be benefits associated with working remotely, including avoiding the daily commute and the freedom to work at different times of the day, working remotely for longer periods of time and during a pandemic can present unique challenges.

What to do when working remotely?

remember that if you are working remotely on sensitive (protected or classified) information, you are responsible for safeguarding it. take steps, such as password protecting videoconferences, to help secure communications. focus on managing information of business value.

How to be successful while working remotely?

To be successful while working remotely, we need a workspace that promotes efficiency and effectiveness. Take the time to create the right conditions for success and wellness: talk to your partner, children, or others, about your workspace and your needs while working remotely .

How to reduce eye strain while working remotely?

talk to your partner, children, or others, about your workspace and your needs while working remotely. try to work in a space with natural light to reduce eyestrain; exposure to natural light can impact physical and mental well-being.

Does the government of Canada require employees to work remotely?

At present, Government of Canada employees at all work sites are asked to work remotely whenever and wherever possible. Managers are expected to identify an approach that is flexible while ensuring continued critical government operations and services to Canadians.

Is working remotely a reality?

Working remotely is a new reality for many public servants as we carry on work during the COVID-19 pandemic. While it offers some advantages and flexibilities, many of us are continuing to adjust to these new circumstances that are impacting our work and home life.

Why is remote work important?

When working remotely, your employees need to access the same internal services, applications, and information that they would have access to in the office. However, your organization also needs to protect its systems and information, as remote work introduces new vulnerabilities. You need to implement additional security precautions to prevent threat actors from taking advantage of those vulnerabilities.

How do threat actors target remote workers?

Threat actors use different methods to target remote workers: Physical access to a device: If employees leave devices unattended in public, threat actor can tamper with them or steal them.

How to protect devices when working from home?

Encourage employees to take the same measures on their personal devices as well. Use multi-factor authentication.

What are security tools?

There are security tools that your organization can use to add additional layers of protection for your networks, systems, and devices. The security tools below are just some examples of ways that you can reduce the risks of malicious intrusions caused by malware or other cyber attacks.

Why do organizations need to protect their systems and information?

However, your organization also needs to protect its systems and information, as remote work introduces new vulnerabilities. You need to implement additional security precautions to prevent threat actors from taking advantage of those vulnerabilities.

Can you work remotely if you have never worked remotely?

If an employee has never worked remotely before, the transition can be surprisingly difficult. Set your employees up for success and clearly communicate the measures that they need to take to contribute to your organization’s cyber security.

Can a personal device be protected?

Personal devices may not be protected with a PIN or password, and even if they are, easily guessed PINS or passwords may be used. Loss of control over information. If used for work purposes, personal devices may hold sensitive business information that your organization can’t manage appropriately.

Flexible remote work, remote support and collaboration solutions for local, state, and federal agencies

Whether you work in public health, justice, parks and recreation, planning and development, a library, or any other department, you need secure, high-performance remote access to your work computers so you can use applications and data from anywhere, just as you would in-person.

Employees can remotely access work computers from any device, and IT teams can remotely support any computer or mobile device

Get the high-performance, flexibility, and control you need to effectively manage remote access for your team.

Splashtop offers great features at the best price!

All remote sessions are protected by security features and practices including TLS and 256-bit AES encryption, device authentication and two-step verification. Connections, file transfers, and management events are logged. Learn more about SOC 2, GDPR, and HIPAA standards compliance .

Reimagine Security in the Remote Workplace

Learn how to provide a secure online work environment for your remote employees.

Strengthen your security with an integrated solution

Join us to learn how Microsoft’s end-to-end security solutions can help you provide greater visibility and control over your digital environment.

image

Executive Summary

Introduction

Strategy Rationale

Business Drivers and Other Challenges

Current State of Networking and Security Within The GC

  • The GC network includes approximately 50 logical networks, spanning approximately 4,000 sites and approximately 5,000 buildings. It reaches over 400,000 users in Canada and around the world. Predictably, this network includes many diverse physical devices, vendors, and different levels of integration. Configurations have been primarily done manuall...
See more on canada.ca

Emerging Industry Trends

Adoption Roadmap

Conclusion

Acronyms

References

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9