Restricted Devices

Employee access to the Employment and Social Development Canada (ESDC) network and our collaboration tools, such as Microsoft Teams (Teams) and Office 365 (O365) will soon be restricted to managed government furnished equipment.

Access to Office 365 services (e.g., O365 and Teams) from personal devices will be blocked. This change will not impact the ability to join any unclassified Teams meetings from any device as an External Attendee.

Restrictions will be enforced starting in Fall 2021.

  • Devices that will be blocked:
    • Non-government furnished equipment (personal devices)
    • Government furnished mobile phones that do not have access to work email and are a replacement for desktop phones. These phones are not managed by Enterprise Mobile Device Management (EMDM) - Shared Services Canada (SSC).
  • Devices that will not be blocked:
    • Managed government furnished equipment (laptop, desktop, tablet and virtual device)
    • Managed government furnished mobile devices (iPhone, iPad, Samsung) that have access to work email. These are managed by EMDM - SSC.
    • Secure Access Virtual Environment – Desktop (SAVE-D)
    • AppGate remote connection
    • GC Emergency Communications System (GCECS) devices
    • Devices used by approved ESDC guest accounts (and within approved restrictions).
  • Once restrictions are in place, only the following web browsers will have access to Office 365 and Microsoft Teams.
    Operating System (OS)
    Supported Web Browsers
    Windows 10
    Microsoft Edge, Internet Explorer, Chrome, Firefox 91+
    Windows 8 / 8.1
    Internet Explorer, Chrome
    Windows 7
    Internet Explorer, Chrome
    iOS
    Microsoft Edge, Intune Managed Browser, Safari
    Android
    Microsoft Edge, Intune Managed Browser, Chrome
    Windows Phone
    Microsoft Edge, Internet Explorer
    Windows Server 2019
    Microsoft Edge, Internet Explorer, Chrome
    Windows Server 2016
    Internet Explorer
    Windows Server 2012 R2
    Internet Explorer
    Windows Server 2008 R2
    nternet Explorer
    macOS
    Microsoft Edge, Chrome, Safari
  • What is the difference between a managed government furnished equipment and unmanaged equipment?

    Managed:

    • The equipment is configured, and software is updated by the department.
    • Password protection is enforced and updated.
    • Mobile equipment is managed through the Enterprise Mobile Device Management (EMDM) system.
    • Has access to work email.

    Unmanaged:

    • Devices not managed by EMDM.
    • Does not have access to work email or other work applications.
    • Password protection is not enforced.
  • I am still unsure if I have a managed or unmanaged phone. Is there a way to confirm one way or another?

    If you are unsure if you have a managed or unmanaged phone, please submit an online service request to the National Service Desk (NSD)

    When filling out your NSD request, please follow the guidance below:

    • Enter "Mobile Phone"
    • Select "None of the choices above address the issue with my Mobile device."
    • Select either "My issue is related to a iPhone device." OR "My issue is related to a Samsung device."
    • Select "The choices listed do not match my problem or request."
    • Select "The choices listed do not match my problem or request."
      (Note: Step 5 only appears for Samsung devices.)

    When prompted for additional details, please provide the following:

    • I have a mobile phone that was provided to me for work purposes.
    • It is a Samsung/iPhone.
    • Can I please be informed if it is a device managed by Enterprise Mobile Device Management (EMDM) or an unmanaged / non-EMDM device?
    • My mobile phone number is: XXX-XXX-XXXX
  • How will these restrictions affect employees who connect to the ESDC network using the Secure Access Virtual Environment – Desktop (SAVE-D)?

    If you are using a Secure Access Virtual Environment – Desktop (SAVE-D) to connect to the ESDC network, you will not be affected by these new restrictions.

  • How will these restrictions affect employees who connect to the ESDC network using Appgate?

    If you are properly connected to the ESDC network via Appgate, you will not be affected by these new restrictions.

  • How will these restrictions affect managed government furnished mobile phones with a data plan that have access to work email?

    If you are a holder of a properly configured corporate mobile phone with a data plan and can access work email, you will not be affected by these new restrictions.

    Note: Some employees and partners have been issued unmanaged corporate phones with data plans but no access to work email. Those phones will be blocked.

  • How will these restrictions affect unmanaged government furnished mobile phones without access to work email?

    Once restrictions are in place, unmanaged government furnished mobile phones without access to work email will be considered personal devices and restricted from accessing cloud applications (e.g., O365).

  • Will I still be able to attend a Microsoft Teams meeting using a personal device or unmanaged government furnished phone?

    Yes, everyone, including external guests and business partners without O365 accounts, will still be able to participate in unclassified Microsoft Teams meetings using any device after restrictions have been implemented.

    However, to do so, they will need to have been sent a Teams meeting invite from an ESDC employee or have forwarded such a meeting invite to their personal device.

    Connecting to Teams in this manner will identify you as an External Attendee. You will not be able to interact with or collaborate on documents.