Securing Computers and Devices

Securing technology concerns safeguarding IT assets from physical and digital security threats and attacks.

Do you...

• always lock your computer screen when you step away?
• lock your Blackberry or other department-issued devices?
• secure your computer and personal work devices?
• use approved portable devices?

The following resources and guidelines are available to help employees understand what they can do to keep our IT assets safe and secure.

Do’s and Don’ts

• Approved Portable Media
• Entrust Encryption and myKey
• Laptops
• Internet, Intranet and Web Browsing
• Passwords
• Permissions and Delegations
• Security Questions and Responses
• VPN and Remote Access
• Wireless Devices
• Workplace and Desktop

Every employee should know which technology is to be used in all instances to ensure our information is secure.

• Accessing and Storing Information Securely
• Transmitting Information Securely
• Transporting Information Securely
• Monitoring Information

Frequently Asked Questions

• 1.  Why can’t I turn off my computer at the end of the day?

  It is necessary to keep departmental computers powered on to allow after-hours computer maintenance and installations such as virus scans, security patches, software pushes and anti-virus program updates. Technologies are being investigated so that in future, employees will be able to power their machines off at night.

  In the meantime, all employees must follow proper end-of-day procedures for off-hour maintenance to avoid security risks to the Department:

  • Workstation desktop - Windows 7: Restart computer
  • Remote Connection (VPN) - Windows 7: Logoff your active session (laptop)

• 2.  I just want to charge my personal device at work. Is this ok?

  No. You cannot charge your personal device (including cameras, smart phones, cell phones, cameras, tablets and MP3 players) by plugging it into ESDC computers or laptops. Scans are being conducted to ensure that only approved USB devices and other approved portable devices are being connected to departmental computers.

• 3.  Why do employees have to take IT security precautions - isn't the Department equipped to prevent security risks, e.g. firewall, virus scans, etc.?

  While Departmental IT security measures are in place, outside security threats can be quite sophisticated and can potentially circumvent our measures. Therefore, all employees have a role to play in ensuring the security of departmental information.

• 4.  Why are our network drives being scanned?

  The purpose of scanning network drives is to ensure that sensitive, personal or classified information is properly stored (and, therefore, protected). The scanning helps identify high risk files and will assist the department with Information Management cleanup activities and help prevent inadvertent data loss.

• 5.  Why are unencrypted and personally-purchased USB Keys and Portable USB Hard Drives being prohibited?

  Unencrypted USB Keys and Portable USB Hard Drives are prohibited because they pose an unacceptable risk to departmental information. Their small size makes them very easy to lose or misplace, therefore making it difficult to protect the information that is stored on them.