Technology for Transporting Information Securely
eUSB Key: Password
DESCRIPTION: An encrypted USB key (or flash drive) is a data storage device that includes flash memory with an integrated Universal Serial Bus (USB) interface, and encryption applied by both hardware and software. Requires a password to access data stored on the device.
PURPOSE: Can be used to move information within a team or group, from Branch to Branch, or from ESDC to other government departments, other levels of government, non-government organizations, or third parties where real-time collaboration is not required.
ACCESS: Pools of shared ‘keys’ have been established in Branches/Regions and are managed by Password Pool Custodians. Manager approval is required.
Self-serve tools available on iService.
DO's and DON'Ts for this Device
Information CLASSIFICATION for this Device:
Yes
Yes
See Appendix 3: Handling of Information and Required Safeguards for more information
eUSB Key: Biometric
DESCRIPTION: An encrypted USB key (or flash drive) is a data storage device that includes flash memory with an integrated Universal Serial Bus (USB) interface, and encryption applied by both hardware and software. Requires a fingerprint to access data stored on the device.
PURPOSE: Can be used to move information within a team or group, from Branch to Branch, or from ESDC to other government departments, other levels of government, non-government organizations, or third parties where real-time collaboration is not required.
ACCESS: Each device is assigned to an individual employee, who is the custodian responsible for the security of the device, as well as information placed on the device. Manager and ADM/Regional ADM approval required.
Self-serve tools available on iService.
DO's and DON'Ts for this Device
Information CLASSIFICATION for this Device:
Yes
Yes
See Appendix 3: Handling of Information and Required Safeguards for more information
Encrypted Hard Disk/Drive
DESCRIPTION: An external hard drive is a portable device designed with a high storage capacity. It connects to a computer with a USB cable.
PURPOSE: Made available only if technical or business rationale precludes the use of the network. Can be used to store large amounts of data or documents.
ACCESS: Access to hard drives is strictly controlled as these devices are able to retain large quantities of data and pose inherent risk to the Department. ADM/Regional ADM, the Department Security Officer (DSO) and the Chief Information Officer (CIO) approval and signatures required.
Self-serve tools available on iService.
DO's and DON'Ts for this Device
Information CLASSIFICATION for this Device:
Yes
Yes
See Appendix 3: Handling of Information and Required Safeguards for more information
Approved Unencrypted Devices
DESCRIPTION: An USB key (or flash drive) is a data storage device that includes flash memory with an integrated Universal Serial Bus (USB) interface.
PURPOSE: For the transport of work-related materials, and for departing employee requirements to remove their ‘personal’ information, i.e. résumé, performance agreements, etc.
ACCESS: Exception Requests are approved on a case-by-case basis, and may include a time-limit to use the function.
Each device is assigned to an individual employee, who is the custodian responsible for the security of the device, as well as information placed on the device.
Includes Secure Digital (SD) Cards and unencrypted USB keys.
Manager and ADM/Regional ADM approval required.
Self-serve tools available on iService.
DO's and DON'Ts for this Device
Information CLASSIFICATION for this Device:
Yes
Some exceptions. See PURPOSE.
Never
CD/DVD and other Portable Media
DESCRIPTION: Optical media (including CDs and DVDs) are storage media that hold information in digital form, and are written and read by a laser.
PURPOSE: For the transport of work-related materials, and for departing employee requirements to remove their ‘personal’ information, i.e. résumé, performance agreements, etc.
ACCESS: Write-Access Exception Requests are approved on a case-by-case basis, and may include a time-limit to use the function. Manager and/or ADM/Regional ADM approval required.
Self-serve tools available on iService.
Information CLASSIFICATION for this Device:
Yes
Some exceptions. See ACCESS.
Never
Laptops
DESCRIPTION: All departmental laptops contain encrypted hard drives and further software encryption.
PURPOSE: Working online, connected via VPN (Virtual Private Network). Working offline, data files must be stored appropriately on the device.
ACCESS: Assigned to individual employees.
Self-serve tools available on iService.
DO's and DON'Ts for this Device
Information CLASSIFICATION for this Device:
Yes
Yes
Never
Printers
DESCRIPTION: A device that accepts text and graphic output from a computer and transfers the information to paper.
PURPOSE: For creating a paper or ‘hard’ copy. Paper copies must be transported using prescribed secure methods.
ACCESS: All employees.
Self-serve tools available on iService.
Information CLASSIFICATION for this Device:
Yes
Confidential Print-to-PIN highly recommended.
Use Confidential Print-to-PIN or personal printer.
Scanners
DESCRIPTION:A device that captures images from photographic or text sources, such as prints, posters, magazine pages, and similar records, for computer editing and display.
PURPOSE: Commonly used to create an electronic version of a hard copy document (ex. travel receipts, ROEs). To reduce space and retain copy quality
ACCESS: Various photocopiers have a scan function. Available by location.
Information CLASSIFICATION for this Device:
Yes
Confidential Print-to-PIN highly recommended.
Use Confidential Print-to-PIN or personal printer.