DND/CAF Security Guide for Mobile Work

August 15, 2022 - Defence Stories

ADD ALT TEXT CONTENT HERE
 

The Department of National Defence and the Canadian Armed Forces (DND/CAF) provide mobile work services to the Defence Team to support an agile and mobile workforce operating outside of DND/CAF facilities. This guide provides information on how the Defence Team can securely use mobile work tools to meet operational and business requirements while also protecting DND/CAF users, information and assets. This guide applies to all mobile work situations, including telework and remote work.

General Mobile Work Security Best Practices

When working remotely, Defence Team members perform their activities in an environment that does not benefit from the physical, personnel and information security measures normally implemented in DND/CAF facilities. This change in security requires additional security consideration by both users and their supervisors. The following best practices are recommended in any mobile work situation:

*Although authorized for information up to Protected A, Defence 365 may be used for limited Protected B audio (conversation only). No recording, chat, files, pictures, screen sharing with Protected B content is authorized. See acceptable use for conditions and details.

Defence Enterprise Mobile Access (DWAN T-DVPNI)

The DND/CAF’s main mobile work solution for working with information up to Protected B is the Defence Wide Area Network (DWAN) laptop and Public Key Infrastructure (PKI) card. This is also known as the Transparent Defence Virtual Private Network Infrastructure (T-DVPNI). This capability provides access to Defence enterprise services nationally, and upon approval, in many international situations. Contact your Service Management Centre (SMC) for details. For international use, contact the DWAN Information System Security Officer (ISSO).

Defence 365

The deployment of Defence 365 (D365) offers increased mobile work flexibility for the Defence Team. Based on Microsoft Office 365, D365 is a cloud-based suite of tools providing collaboration, chat and videoconferencing capabilities to Defence Team members using both their personal and work devices. Consult the Defence 365 Portal (available via D365) for further details.

Note: Non-Defence Team guests may join teleconference meetings with limited capabilities.

Be aware of phishing emails! Do not fall for fake Office 365 sites and phishing emails posing as DND/CAF messages related to your accounts!

Government Furnished Smartphones

DND/CAF uses both DND and SSC provided smartphones. These devices include both a personal workspace and a business workspace to access enterprise services such as DWAN email and calendars. These devices (using cellular service) may be used for Protected B audio conversation and may also be used for up to Protected B messaging through the approved chat applications (i.e. Blackberry Messenger (BBME)). Personal applications installed may not be used to process DND/CAF information. Contact your SMC for further information on mobile phone services, or contact DIM Secur OPS for use outside of Canada.

Classified Mobile Solutions

Some DND/CAF operations and functions require mobile access to classified systems. There are available solutions to meet these requirements. Contact your SMC for further information.

Publicly Available Tools for Mobile Work

In addition to the capabilities above, there are other commercial and social media tools that can enable collaboration with partners, colleagues and other Defence stakeholders. Examples include Zoom, Facebook Messenger, Google Duo, and Slack. These applications have not been authorized for sharing sensitive information and in accordance with  DAOD 2006-1, may only be used to share and process unclassified information that is releasable to the public. Before using these collaboration tools, consult your Unit Information System Security Officer (Unit ISSO), or visit DIM Secur IT Security FAQ page (available only via DWAN), and review the platform privacy policy and licensing terms.

Additional Resources

A comprehensive list of information technology services and points of contact are available on the Information Technology Service Management (ITSM) Programme website. 

Page details

Date modified: