DND/CAF Security Guide for Mobile Work
August 15, 2022 - Defence Stories
The Department of National Defence and the Canadian Armed Forces (DND/CAF) provide mobile work services to the Defence Team to support an agile and mobile workforce operating outside of DND/CAF facilities. This guide provides information on how the Defence Team can securely use mobile work tools to meet operational and business requirements while also protecting DND/CAF users, information and assets. This guide applies to all mobile work situations, including telework and remote work.
General Mobile Work Security Best Practices
When working remotely, Defence Team members perform their activities in an environment that does not benefit from the physical, personnel and information security measures normally implemented in DND/CAF facilities. This change in security requires additional security consideration by both users and their supervisors. The following best practices are recommended in any mobile work situation:
- Be mindful of your surroundings. Limit opportunity for eavesdropping and ability for someone to view valuable information over your shoulder (shoulder surfing).
- Maintain control of DND/CAF provided assets and store appropriately when not in use.
- Protect and never share your credentials, passwords, codes, and tokens.
- Ensure that both personal and departmental IT devices are updated with the latest software and patches.
- Follow cyber security best practices to protect against phishing, malware and other threats. Consult GetCyberSafe.gc.ca for additional guidance.
- Report security issues to your Unit Information System Security Officer (ISSO) and Unit Security Supervisor (USS) or call your Service Desk.
- Defence Team members can use their personal devices to access the Defence 365 platform to process information up to Protected A*. Defence Wide Area Network (DWAN) is not accessible via a personal device.
- To work with information up to Protected B, Defence Team members can use DND/CAF-provided equipment (Computers, laptops, tablets, and phones) which provides access to both the DWAN and Defence 365.
- In order to work with Protected C and Classified information, authorization and additional IT capabilities are required.
*Although authorized for information up to Protected A, Defence 365 may be used for limited Protected B audio (conversation only). No recording, chat, files, pictures, screen sharing with Protected B content is authorized. See acceptable use for conditions and details.
Defence Enterprise Mobile Access (DWAN T-DVPNI)
The DND/CAF’s main mobile work solution for working with information up to Protected B is the Defence Wide Area Network (DWAN) laptop and Public Key Infrastructure (PKI) card. This is also known as the Transparent Defence Virtual Private Network Infrastructure (T-DVPNI). This capability provides access to Defence enterprise services nationally, and upon approval, in many international situations. Contact your Service Management Centre (SMC) for details. For international use, contact the DWAN Information System Security Officer (ISSO).
Defence 365
The deployment of Defence 365 (D365) offers increased mobile work flexibility for the Defence Team. Based on Microsoft Office 365, D365 is a cloud-based suite of tools providing collaboration, chat and videoconferencing capabilities to Defence Team members using both their personal and work devices. Consult the Defence 365 Portal (available via D365) for further details.
Note: Non-Defence Team guests may join teleconference meetings with limited capabilities.
Be aware of phishing emails! Do not fall for fake Office 365 sites and phishing emails posing as DND/CAF messages related to your accounts!
Government Furnished Smartphones
DND/CAF uses both DND and SSC provided smartphones. These devices include both a personal workspace and a business workspace to access enterprise services such as DWAN email and calendars. These devices (using cellular service) may be used for Protected B audio conversation and may also be used for up to Protected B messaging through the approved chat applications (i.e. Blackberry Messenger (BBME)). Personal applications installed may not be used to process DND/CAF information. Contact your SMC for further information on mobile phone services, or contact DIM Secur OPS for use outside of Canada.
Classified Mobile Solutions
Some DND/CAF operations and functions require mobile access to classified systems. There are available solutions to meet these requirements. Contact your SMC for further information.
Publicly Available Tools for Mobile Work
In addition to the capabilities above, there are other commercial and social media tools that can enable collaboration with partners, colleagues and other Defence stakeholders. Examples include Zoom, Facebook Messenger, Google Duo, and Slack. These applications have not been authorized for sharing sensitive information and in accordance with DAOD 2006-1, may only be used to share and process unclassified information that is releasable to the public. Before using these collaboration tools, consult your Unit Information System Security Officer (Unit ISSO), or visit DIM Secur IT Security FAQ page (available only via DWAN), and review the platform privacy policy and licensing terms.
Additional Resources
A comprehensive list of information technology services and points of contact are available on the Information Technology Service Management (ITSM) Programme website.
Page details
- Date modified: