12-40 – CCO Wide Area Network (CCO Net)
Cadet Administrative and Training Orders (CATOs)
On this page
1. This CATO defines the Canadian Cadet Organizations (CCO) Wide Area Network (WAN), commonly referred to as “CCO Net”, as the national information technology infrastructure (ITI) and hosting environment for CCO enterprise software applications.
2. This ITI supports the CCO’s IM Strategy (reference at paragraph 4.a.) and the overarching goal of “Interconnecting People” throughout the CCO community. The rationale for this ITI is further defined in the CCO ITI Business Case (reference at paragraph 4.b.).
3. This order applies to all CCO Net account holders.
4. The following documents are referenced in this CATO:
- Information Management Strategy for the Canadian Cadet Organizations - 2009-2015;
- Business Case - Integrated Information Environment for the Canadian Cadet Organizations;
- 2102-84 (Dir IM Secur 2-3-2), 16 Dec 10, Interim Authority to Process (IAP) Extension – CCO Net;
- CATO 11-34, CadetNet;
- CATO 12-41, Acceptable Internet Use within the CCO;
- CATO 23-04, Canadian Cadet Organizations Adult Screening Policy;
- CATO 23-05, Terms of Employment – Civilian Instructors;
- CATO 23-07, Civilian Volunteers in Support of Authorized Cadet Activities;
- CCO Net Security Orders;
- CCO Net User Manual; and
- CCO Net Quick Reference Guide.
5. For the purpose of this CATO, a CCO “unit” includes a local cadet corps/squadron, Cadet Summer Training Centre (CSTC), Regional Gliding School (RGS), Sail Centre, Adventure Training Centre, Regional Cadet Instructor School (RCIS), Detachment, or Regional Cadet Support Unit (RCSU).
6. It is extremely beneficial for any organization the size of the CCO, represented throughout the entire country, to have access to a common network that permits all of its members to communicate and share resources.
7. The CCO Net is a national Wide Area Network consisting of Local Area Networks (in locations such as RCSUs and CSTCs) as well as a Virtual Private Network (VPN) that securely interconnects all CCO users to one common ITI.
8. The CCO Net also serves as a secure hosting environment for a portfolio of IT services and enterprise software applications, some of which include:
- Data Management Services, including storage drives and FORTRESS, the national information management system of the CCO (described in Annex A);
- Communications and Collaboration Services, including file and content management and email. Currently CadetNet is the official electronic communications tool for the CCO (described in the reference at paragraph 4.d.);
- Web Services and specifically the CCO Web Content Management System (WCMS) which serves as the national platform and hosting environment for official internet and intranet websites;
- Infrastructure Services, including workstation and server life cycle system management, backbone systems, backup and recovery procedures, perimeter security and maintenance; and
- Technical Support Services, including customer support tools and personnel to maintain and assist in the use of IT assets and services.
9. Users must have an account on the CCO Net in order to access these applications as login credentials are shared with the network. This permits one set of login credentials for access to the network and any enterprise applications for which a user has been granted specific access.
10. Given the nature of their responsibilities, CCO personnel require secure remote 24/7 access to their enterprise applications and data. Accessibility and flexibility remain paramount. Accordingly, the CCO Net can be accessed (as per reference at paragraph 4.c.) from:
- CCO-issued computers;
- the Defence Wide Area Network (DWAN); and
- private computers over public Internet.
11. While access is permitted from private computers, the primary and secondary connection methods remain CCO-issued computers and the DWAN respectively. Users accessing via the third method (private computers) should be aware that there are certain restrictions and limitations with this connection method in order to mitigate the risks associated with non-DND computer access.
12 The Operation Authority (OA) for the CCO Net and the enterprise applications hosted within is the Director Cadets & Junior Canadian Rangers (D Cdts & JCR).
13. The management, administration and technical support is provided by ADM(IM) personnel on behalf of the CCO.
14. In accordance with (IAW) the reference at paragraph 4.c., the CCO Net and FORTRESS application are authorized to store and process information up to Protected A. The WCMS may process and store information up to Protected A on its internally-visible Intranet, but is limited to unclassified information on its publicly-visible portion (which includes the cadets.ca website).
15 The use of the CCO Net and the enterprise applications hosted within is restricted to recognized business requirements and authorized use as defined in the reference at paragraph 4.e.
16. Access is only granted, on a need-to-know basis, to authorized users with recognized business requirements based on the necessity to access resources in support of their role as member of the CCO.
17. All CCO Net users must have a valid security clearance. As indicated in the reference at paragraph 4.c., the minimum level is an Enhanced Reliability Check (ERC).
18. Additionally, being that the CCO is a youth organization, adult members are subject to the CCO Adult Screening Policy (as per reference at paragraph 4.f.).
19. Users request a CCO Net account by submitting a network access form. The form is included at Annex A of the CCO Net Security Orders (reference at paragraph 4.i.) which are available on the CCO national website.
20. CCO Net user accounts are restricted to the following:
- military personnel that are part of the Cadet Organizations Administration and Training Service (COATS) who are on an approved establishment within the CCO;
- Civilian Instructors (CI) authorized by an RCSU to work with the CCO (IAW reference at paragraph 4.g.) during the period covered by their CI employment agreement;
- Civilian Employees (Civ) under contract and authorized by an RCSU to work with the CCO;
- military personnel authorized to volunteer with a cadet corps or squadron by their Commanding Officer (CO) and the cadet corps/squadron CO; and
- although not a requirement in all regions, at the discretion of the RCSU CO, staff cadets who meet the security and requirement criteria may be granted access on a restricted basis under the following conditions (IAW reference at paragraph 4.c.):
(1) only those staff cadets who have a requirement to access while at a CSTC will be given an account, with access restricted to only what is specifically required for the performance of their duties. All access will be revoked at the departure of the staff cadet from the CSTC or when no longer required (whichever comes first),
(2) access shall not be granted to enterprise applications identified in the annexes of this CATO,
(3) the staff cadet holds a valid ERC, and
(4) inappropriate conduct, depending on the severity, may result in RTU, mandatory release per CATO 15-21, criminal investigation, and/or other disciplinary action per CATO 15-22.
21. Civilian volunteers (IAW reference at paragraph 4.h.), members of parents committees, sponsoring committees, cadet league members, and cadets (except as noted in this CATO) are not authorized to access the CCO Net or any of the enterprise applications hosted within.
22. ADM(IM) staff are responsible for the management of CCO Net accounts on behalf of each RCSU.
23. Accounts for D Cdts & JCR personnel will be managed by the Eastern Region IT Service Desk.
24. Respective RCSU administration staffs are responsible for requesting the account creation for all new CIC officers as part of the enrolment process.
25. COs are responsible for immediately contacting their Regional IT Service Desk when accounts require deactivation or suspension including when account holders cease to be part of their unit. When account holders transfer between units, the request to update account information shall come from the gaining unit CO. At D Cdts & JCR, RCSUs, and CSTCs, this is the responsibility of the administration staff on behalf of the CO.
26. Users are assigned only one account. If a user works with more than one unit or is temporarily assigned (such as at a CSTC) then the account profile is modified accordingly.
27. There should be no assumption of privacy on the part of account holders. The network and its components are content filtered, logged and regularly monitored.
28. Account holders shall read and comply with the CCO Net Security Orders (reference at paragraph 4.i.).
29. Users are individually responsible for ensuring that login credentials and protected information (such as cadet personal information) is safeguarded at all times. Users therefore need to be aware of bystanders and security cameras when accessing the CCO Net and enterprise applications.
30. The use of up-to-date antivirus software is mandatory on all computers used to access the CCO Net. If a user chooses to use a non-DND computer, the user becomes responsible for ensuring that it is equipped with current antivirus software.
31. All account holders share a responsibility for the overall security of the CCO Net, and as such they shall report any suspected violations. The CCO Net Information Systems Security Orders include procedures for reporting any suspected violations, and includes contact information for the CCO regional and national Information Systems Security Officers (ISSOs).
32. For technical support, users are to contact their respective Regional IT Service Desk. Contact information is provided in the CCO Net Security Orders (reference at paragraph 4.i.).
33. Users may also consult the CCO Net User Manual and Quick Reference Guide (references at paragraphs 4.j. and 4.k. respectively).
OPI: D Cdts 2
Date: Mar 11
Amendment: Original (Ch 4/11)
- Date modified: