Security

Definition

The continuous assessment of risks and the implementation, monitoring and maintenance of the appropriate internal management of security controls involving prevention (mitigation), detection, response and recovery.

What Employees Need to Know

Employees need to have basic knowledge and the establishment of a more secure workplace as a part of their daily activities.  Managers need to regularly remind employees of the role they need to play in order to achieve safety and security in the workplace.

Employees should, at all times, protect departmental and/or personal information assigned to their care, including the handling, storage, transmission/transporting, release and destruction of such information;

• reporting possible security breaches, violations and security incidents to their manager or supervisor;
• allowing access to departmental and/or personal information only to persons who have a proper security screening level and on a "need to know" basis; and
• applying physical and information technology security measures to control access and prevent compromise of departmental and/or personal information and assets.

Employee Roles and Responsibilities

• For the protection and handling of all levels of information (A, B, C, Confidential, Secret, Top Secret) refer to the Information Categorization Tool;
• Clean Desk Guidelines provide helpful tips for employees and managers on best practices to ensure that information and assets are protected
• To report security incidents - refer to Security incidents.

Tools and Resources

• Departmental Security Site
• IT Security

Training

• Security 101: It Starts With You!

Contacts and Links

• NHQ and Regional Security Offices
• IT Security
• National Service Desk (NSD) or call: 1-800-268-0408