6002-4 Management of Portable Information Technology Device
Cadets and Junior Canadian Rangers Group Order (CJCR Gp O)
On this page
1. Identification
Date of Issue: 2020-09-15
Date of Verification: N/A
Application: This is an order that applies to members of the Canadian Armed Forces (CAF) and a directive that applies to Civilian Instructors and employees of the Department of National Defence (DND) employed within the Cadets and Junior Canadian Rangers (CJCR).
Supersession: N/A
Approval Authority: This order is issued under the authority of the Comd CJCR Gp.
Office of Primary Interest: CJCR Gp DCOS IM/IT
Enquiries: CJCR Gp DCOS IM/IT
2. Abbreviations
Abbreviation | Complete Word or Phrase |
---|---|
DIM Secur | Director Information Management – Security |
IT SMC | Information Technology Service Management Centre |
NDSOD | National Defence Security Orders and Directive |
OA | Operational Authority |
PITD | Portable Information Technology Device |
SLOC | Storage location |
SSC | Shared Services Canada |
USB | Universal Serial Bus |
3. Definitions
Management. Management refers to authorization (for scale of issue), acquisition, tracking, utilization, usage monitoring, replacement and disposal.
Portable information technology device. In the context of this Gp Order, a portable information technology device is any technology that is made for portable information storage. Examples include: USB memory sticks, memory cards and external hard drives.
4. Context
4.1 The use of PITDs are required in the fast-paced, dynamic DND/CAF work environment. They allow employees to communicate and perform their duties within the workplace and remotely, when access to DND/CAF networks or computer storage space is not possible. PITDs can enable business to occur easily with access to convenient portable temporary storage of information that can be transferred easily.
4.2 PITDs pose the following security risks:
- lost PITDs can result in non-authorized individuals potentially accessing the information;
- infection of a system/network; and
- allows users to extract large amounts of data.
4.3 PITDs shall be provided to personnel when required, while ensuring that proper security controls are applied to maintain positive control of all data on issued PITDs.
5. Authority
5.1 Under this Gp Order, authority is delegated to DCOS IM/IT, through IT SMC, for acquisition, control, tracking, replacement and loan.
5.2 It is the responsibility of the HQ and RCSU COs to ensure that PITDs are managed in accordance with all applicable policies, and to ensure their most effective and efficient use.
6. Usage
6.1 Request for new PITDs must be made through IT SMC. Requirements will be vetted on a case-by-case basis, in collaboration with IT SMC, the user, and the unit J6.
6.2 All PITDs will be encrypted and their use will be restricted by leveraging alternative means when available.
6.3 Personnel and cadets within the CJCR Gp are not permitted to use PITDs from outside sources on DND/CAF networks or workstations.
6.4 PITDs will be issued solely to an individual who has signed for the PITD. The device cannot be used by other personnel.
6.5 PITDs issued to corps/squadrons will be placed on SLOC account and managed locally by Corps/Sqn CO, consistency with this Gp Order.
6.6 PITD users must:
- properly secure PITDs in locked storage when not in use, in accordance with their security classification, as any other physical document;
- return a PITD to IT SMC when it is no longer required, damaged or position is vacated; and
- immediately report the loss or theft of a PITD to IT SMC to mitigate the impact caused by the theft or loss.
6.7 PITD users must not:
- use a PITD to transfer data between CCO Net and DWAN
- connect a personal or a non-DND/CAF PITD to any DND/CAF IT systems. All promotional PITD provided by DND/CAF are considered non-DND assets and will not be used in any CAF/DND IT system;
- connect a DND/CAF PITD to a personal device;
6.8 Requirements for a non-encrypted PITD must be approved by DCOS IM/IT on behalf of the OA.
6.9 Any PITD that is not properly used must be returned to IT SMC to be disposed of, replaced, or sanitized.
7. Publication
Frequency of Publication
7.1 Annual or more frequent review and updates, as required.
Errors/Omissions or Suggestions
7.2 Users of CJCR Gp Orders are encouraged to identify any errors, omissions or suggested orders to the attention of CJCR Sp HQ J1 Policy.
8. References
Source References
- CCO Net Security Orders
- DAOD 6002-3, Management of Mobile Wireless Devices
- Defence Chief Information Officer (CIO) Directive 003: Acceptable Use of DND/CAF Mobile Devices
- DND/CAF Information Technology Security Standard for Portable Information Technology Device (ITSS-01) Sections 3.20-3.23: ITSS-01 – Portable Information Technology Devices (PITDs)
- DWAN Security Orders
- IMS 6003-1-1 Information Technology Security Incident Management.
- ITSM Enterprise IT Service Agreement, 19 April 2017
- Policy on Acceptable Network and Device Use
- Shared Services Canada Act updated 22 June 2017
- SSC Operating Standard for the provision of telecommunication devices v2.0
Related References
Page details
- Date modified: