What do you want to do with this information?
Secret

  • Phone

    Avoid using speakerphone when discussing sensitive information; use earbuds or headsets to prevent an unauthorized disclosure of the discussion.

    Ensure that any work that includes the discussion of sensitive information, over the phone, is conducted in such a way as to prevent the mention of this information within hearing distances of others and/or virtual assistant recording devices (e.g. Siri, Google Home, Amazon Alexa, etc.) as this could result in a security incident involving the national interest of Canada. Some examples include, but are not limited to, Cabinet Confidences, budgetary information (before release to the public), etc.

    ** Important Note: Videoconferencing Not Permitted**

  • Marking

    Marking

    Top right-hand corner of each page.

  • E-Mail

    E-Mail

    Due to its high sensibility, it cannot be shared by e-mail.

    ESDC employees send and receive thousands of e-mail messages; some of them sensitive. Within the ESDC electronic network, technology is in place to help keep information safe (including occasional prompts to consider encrypting certain emails). But there are always risks, which can be mitigated by employees understanding how to manage certain information.

  • By Mail

    By Mail

    Canadian flagBy Mail In Canada

    Internal mail (ESDC Courier within local ESDC locations):

    Double sealed envelope (no security markings on outer envelope) appropriately addressed. Warning on the inner envelope "To be open only by… (name or position)" with security markings and include a transmittal note and receipt.

    Secret to be opened only by: M. A. Bcdef

    ESDC Regions / other stakeholders (ESDC Regions and Federal Departments / Agencies, Provincial Governments or third party private sectors contracted by the department):

    Double sealed envelope (no security markings on outer envelope) appropriately addressed. Warning on the inner envelope "To be opened only by … (name or position)" with security markings and include a transmittal note and receipt. The use of Priority mail, Xpresspost or messenger service is required as they are using a tracking and signature on reception process.

    Secret to be opened only by: M. A. Bcdef

    globeExternal mail (outside Canada):

    Note: The use of the Diplomatic Mail Services is strongly recommended. Contact Global Affairs Canada Diplomatic Mail Services for procedures. The DSO must approve any transmittal of Secret information that is not sent by DFAIT Diplomatic Mail Services.

    Diplomatic Mail Services

    Plus
    Secret to be opened only by: M. A. Bcdef

    If approved by the DSO, double sealed envelope (no security markings on outer envelope) appropriately addressed. Warning " To be opened only by… (name or position)" with security markings and include a transmittal note and receipt. The use of Priority mail, Xpresspost or messenger service is required as they are using a tracking and signature on reception process.

    Secret to be opened only by: M. A. Bcdef
  • Fax

    Fax

    Secure Fax is required. Any of the following installations are authorized.

    Warning: In order to use the equipment listed below, you must contact the COMSEC Custodian to obtain the authorisation and the instructions at 819-956-4697 or by e-mail to nancy.courtemanche@servicecanada.gc.ca.

    Viper phone, Secure Terminal Equipment (STE) phone, Sectera BDI Terminal, or Omni Secure Terminal used with Ricoh Secure Fax (COMSEC Equipment)

    viper phone, Ricoh Secure Fax, Omni Secure Terminal, Sectera BDI Terminal, STE Phone
  • Transport

    Transport

    Canadian flagTransport In Canada

    Transport by hand inside the department

    Please note that discretion is required and the purpose of using the red folder is to emphasis the need for securing the information accordingly during silent hours.

    Within restricted areas (Operation zone, Security zone, high Security zone):

    Situation1:

    When transported by hand directly to the addressee, the Secret red folder can be deliver without envelopes. Please note that discretion is advice. (e.g. ADM to ADM, etc.).

    Important: Both employees must hold a Secret clearance.

    document
    In
    Situation 2:

    When transported by hand to someone (not the addressee), the Secret red folder must be inserted inside a double sealed envelope with no security marking on the outer envelope, properly addressed and with a note on the inner envelope "To be opened by addressee Only". (e.g. ADM to ADM`s assistant, etc.).

    document
    In
    In
    Secret to be opened only by: M. A. Bcdef

    Outside restricted areas (Reception zone, Public zone):

    When transported outside a restricted zone, the Secret red folder must be inserted into a double sealed envelope with no security markings on the outer envelope, properly addressed and with a note on the inner envelope: "To Be Opened by Addressee Only" The use of a secure briefcase or approved backpack is required.

    Note: For the transport of several documents, it is highly recommended completing an inventory of the information being transported by the employee and providing a copy to the manager.

    documentFor the transport of several documents, it is highly recommended completing an inventory of the information being transported by the employee and providing a copy to the manager.
    In
    In
    Secret to be opened only by: M. A. Bcdef
    In
    Secure Backpack. Details below
    Details

    Secure Backpack

    RCMP Approved or meeting the following specifications which were approved by the Chief Security Officer (CSO):

    Secure Backpack. long description below.
    • Backpack with wire reinforced straps & belts (cut resistant).
    • Lockable with strong protected zippers.
    • Tamper proof or tamper evident.
    • Reinforced cut proof material (a mesh inner layer is good).
    • The manufacture's locks must be replaced with an approved Abloy Padlock model PL-321-20 or PL-321-50. Do not use the manufacture's supplied padlock.
    • The bag should have the potential for a separate inner locking sleeve for IT equipment (if required).

    Locking sleeves: Some models are equipped with a laptop sleeve designed to be locked using a stainless steel wire and padlock. It can be locked while inside the backpack or outside the backpack. This feature prevents an opportunistic adversary from tampering with the contents as well as providing moderate security against opportunity theft. The locked inner sleeve can provide some degree of security against inadvertent or opportunistic compromise in the event of loss.

    Warning: This item does not replace constant supervision, but can provide some security against opportunistic theft or tampering to laptops at conferences, meetings and other situations where an individual may be alone and realistically unable to monitor the laptop at all times.

    Conditions of Use
    Or
    Secure Briefcase. Details below
    Details Conditions of Use

    Canadian flagTransport In Canada

    Transport outside department – In Canada

    Note: The use of the DFAIT Diplomatic Mail Services is strongly recommended. Before transport and transmittal of Protected C, Secret and Top Secret information, the sender must obtain the approval of the Chief Security Officer (CSO)

    Secret information must be transported in a double sealed envelope, no security markings on the outer envelope, security markings on the inner envelope and properly addressed. The use of a secure briefcase is required.

    If traveling by personal motor vehicle, you must place Secret information in an approved carrying case and lock it in the trunk or out of sight in a locked vehicle. Placement of the approved case is temporary and must be removed at destination. Stopovers are not permitted but if you require a stopover for an urgent matter, the case cannot be left unattended in the vehicle and must be in your possession at all times.

    Note 1: This applies to personal motor vehicles only; public transportation procedures (e.g. buses, planes, trains, etc.) require that the case remain in your possession at all times.

    Note 2: For the transport of several documents, it is highly recommended completing an inventory of the information being transported by the employee and providing a copy to the manager.

    document
    In
    Secret to be opened only by: M. A. Bcdef
    In
    Secure Backpack. Details below
    DetailsConditions of Use
    Or
    Secure Briefcase. Details below
    DetailsConditions of Use
    Electronic format:

    Encrypted USB keys and encrypted portable drives issued by the department can be used if permission is granted and transported inside the same containers.

    globeTransport Outside Canada:

    Transport outside department - Outside Canada

    Note: If transported to, from, or within foreign countries and particularly in non-NATO countries, there is a much higher risk of compromise by customs or other government information gathering services. The use of the Global Affairs Canada Diplomatic Mail Services is strongly recommended for non-NATO countries. Before the transport and transmittal of Protected C, Secret and Top Secret information, the sender must obtain the approval of the DSO

    Secret information must be transported in a double sealed envelope. No security markings on the outer envelope and security markings on the inner envelope and properly addressed. The use of a secure briefcase is required.

    If traveling by personal motor vehicle, you must place Secret information in an approved carrying case and lock it in the trunk or out of sight in a locked vehicle. Placement of the approved case is temporary and must be removed at destination. Stopovers are not permitted but if you require a stopover for an urgent matter, the case cannot be left unattended in the vehicle and must be in your possession at all times.

    Note 1: This applies to personal motor vehicles only; public transportation procedures (e.g. buses, planes, trains, etc.) require that the case remain in your possession at all times.

    Note 2: For the transport of several documents, it is highly recommended completing an inventory of the information being transported by the employee and providing a copy to the manager.

    document
    In
    Secret to be opened only by: M. A. Bcdef
    In
    Secure Briefcase. Details below
    DetailsConditions of Use
    Electronic format:

    Encrypted USB keys and encrypted portable drives issued by the department can be used if permission is granted and transported inside the same containers.

  • Electronic Storage

    Electronic Storage

    Electronic copy: Secret electronic information can be stored on the Sensitive Document Collaboration Service (SDCS), also known as the Secret Sharepoint,    or stored on departmental approved encrypted USB portable device and secured in an approved security cabinet or container. Electronic information cannot be stored on the Laptop’s hard drives.

    Access to SDCS is managed by branch coordinators. SDCS is only accessible to employees who have:

    • a Secret security clearance, and
    • have been added to the access control list by their branch coordinator.

    For more information, please contact the National Service Desk (NSD)

    You should also know...

    • New sensitive documents must be created within SDCS
    • Compatible with Microsoft Office (e.g. Word, Excel, PowerPoint)
    • Computer must be connected directly to the ESDC electronic network
    • Only for Protected C, Confidential, and Secret documents
    • For internal ESDC use only
    • Do not create or save copies of sensitive documents anywhere else
    • Not compatible with PDFs
    • Cannot be used over AppGate or when using GC Wi-Fi or VPN outside of a secure work area
    • Not for Protected A, Protected B, or Top Secret documents
    • Not for external use (e.g. collaboration with other departments)

    Encrypted USB portable device

    Note: Must be transported, transmitted and stored in the same manner as paper information, commensurate to the level of sensitivity of the information they contain. Any of the following cabinets are approved.

    integral lock

    Dasco (integral lock)

    Safe (integral lock)

    2 or 4 drawer

    Locker Safe

  • File Store

    File Store

    Secret information need to be inserted inside a red folder, properly marked and must be stored inside a Security Zone or a High Security zone.

    Filing Cabinet (with integral lock)
    Only approved filing cabinet, equipped with an integral lock, are approved for the storage of records classified up to Secret in a Security or high Security Zone (see definition below).
    Dasco cabinet
    The use of a Dasco metal cabinet is approved for the storage of records classified up to Secret in a Security or high Security Zone when the tambour door is closed and the combination lock is set.
    Electronic copy:
    Store on network drive or department-approved and issued USB storage device in locked cabinet.

    Definitions

    Security Zone
    An area to which access is limited to authorized personnel and to authorized and properly escorted visitors. The zone must be monitored continuously 24 hours a day and 7 days a week. As for example: An area where secret information is processed or stored.
    High Security Zone
    An area where access is limited to authorized appropriately screened personnel, authorized, and properly escorted visitors. The zone must be monitored continuously 24 hours a day and 7 days a week and where details of access are recorded and audited. As for example: An area where high-value assets are handles by selected personnel.

    These are the approved secure cabinets that can be used with their respective locking mechanisms.

    File Folder

    integral lock

    Dasco (integral lock)

    Safe (integral lock)

    2 or 4 drawer

    Locker Safe

    Secure Storage Room (SSR)

    A Secure Storage Room is intended to function as an approved storage container for open-shelf storage of a large amount of classified or highly sensitive non-national (Protected) information or assets. The SSR is designed for location in a Security Zone or High Security Zone in a federal government building. The SSR is essentially a “security container” and its role is to primarily protect against surreptitious attacks but also detect and delay forced entry.

    Note: As part of his oversight role, the Chief Security Officer (CSO) must assess the security measures in place to ensure they meet the minimum Security Requirements and approve the security measures in place.

    Note: For any additional information, please contact your Regional Security Office.

  • Print, Copy & Scan

    Every ESDC employee is responsible for ensuring the protection of sensitive departmental information against loss or unauthorized disclosure and must follow the measures below based on the categorization of the information.

    Secret information can be printed, scanned or photocopied using the following guidelines:

    • Secret documents cannot be printed, copied or scanned using a Network printer
    • A stand-alone printer (Not connected to the Network) must be used for printing, copying or scanning
    • The stand-alone printer must be located in a Security Zone Footnote *
    • If available, a password function must be used for printing
    • Secret documents cannot be left unattended on printers
  • Downgrading, Declassification

    Declassification is the decision, recorded in writing, of the originator of the protected information or an officer authorized by the Deputy Minister to remove the categorization level of the document. Redact (hide) all sensitive information that could identify an individual or have an impact on the Department is required.

    Downgrading is the decision, recorded in writing, of the originator of the protected information or an officer authorized by the Deputy Minister to lower the categorization level of the document.

    Downgrading at Confidential or Protected levels: Redact (hide) the information that qualify at the Secret level and the remaining information as required to meet the requirements for Confidential or lowered levels.

    Information is to be identified as protected only for the period of time it requires safeguarding. After this period, the originator or the authorized officer is to have it declassified or downgraded, appropriately marked, and to inform all recipients of this action and its effective date. Whenever possible, originators are to provide, at the time the information is created or collected, a specific date or event at which time declassification or downgrading may occur.

    As a minimum, an automatic expiry date of 10 years should apply to the categorization of most information; however, the automatic expiry date would not apply to information classified as Top Secret nor to information identified as particularly sensitive Protected B, (e.g. medical records) or extremely sensitive, Protected C, (e.g. witness protection information).

  • Destruction

    Destruction

    Type II destruction equipment is defined as shredder or disintegrator approved for the secure destruction of Secret, Top Secret and Protected C information written on paper or other text based media.

    Type II (Level 6)
    A special sub-category reserved for RCMP approved and SEG listed high security shredders which meet the NSA (USA) standard 02-01 for high security paper shredders. These exceed the security and performance requirements of the RCMP Destruction Standard and are recommended for cases where a TRA recommends a higher degree of security
    (e.g.: embassies, overseas deployments, smaller than 12 point font text size.Footnote 1.)
    Approved Office Category Paper Shredders and Disintegrators Selection Guide
    ClassificationTypeShred Size (Maximum)Disintegrator
    Screen Size Footnote 3    		Comments
    Secret
    (General office use)    		 Type II 1mm x 14.3mm 6mm Select Type II (level 6) equipment where a TRA recommends.

    RCMP Security Shredding Standards (Comparison relative to a 2 inch paper clip).

    Cross Cut - Security Type II - Level 5
    0.8 mm x 11 mm particles

    Cross Cut - Security Type II - Level 6
    1 mm x 4.7 mm particles

    Type II (Level 5) is recommended.

    IT Media Devices

    Optical: CD, DVD, Blu-Ray disks:
    Reduce discs to small pieces < 10 mm2 (1/8" x 1/8") or less if the destruction equipment is capable; or Grind the disc surface to remove the coloured data layer, leaving only a semi-transparent plastic disc (CDs only).
    Solid –State Drives (SSD) and USB Flash Drives
    Sanitize, then destroy to pieces < 40 mm2 in area (e.g. ¼ x¼"); or, if unable to sanitize, destroy the device or storage components to particle size < 2 mm2.
    Smartphones and Tablets
    Sanitize, then destroy to pieces < 10 mm2 in area (e.g. ¼ x¼"); or, if unable to sanitize, destroy the device or storage components to particle size < 2 mm2.

    Destruction Facilities and Services

    The RCMP Technical Security Branch has a Destruction Equipment Guide, which is a comprehensive and completely revised guide to the selection of destruction equipment and services. Please contact your local Regional Security Office RSO for guidance and details as Public Services and Procurement Canada (PSPC) need to be contacted for destruction service contracts or equipment purchases.

  • Retention

    Retention