Industry committee  Thank you, Ron. Thank you, Mr. Chair. At Shared Services Canada we take a holistic approach to applying security practices to support our partners. The functions vary, and include prevention, prevention techniques, detection techniques, and then response and recovery. We do p

Industry committee  We use the Government of Canada security policies and procedures to bring in people. Most of our administrators are cleared to a secret level, using the clearance process that we have within government. For departments such as the RCMP, FINTRAC, and other special departments, the

Industry committee  Thank you, Ron. With regard to the privacy concerns for the data, we do work very closely with the customer organizations to identify the data security needs, and we employ security measures commensurate with the classification of data or the privacy impact assessments of the da

Industry committee  On the prevention side we have many controls that form the overall preventative system. For example, we have security technology in place to block certain types of attacks and certain types of emails from going through. We also conduct a number of assessments on the infrastructur

Industry committee  We work very closely with the departments. Some departments, especially people in the communications area, need to access social media, so we work with individual customers to ensure that they are aware of the security risks and what needs to be done to ensure they are not clicki

Industry committee  There was one recent event related to the Apache Struts 2, which is a web application developmental framework. StatsCan services were impacted by that particular vulnerability. There has been no data alteration or data breach. We were able to detect it very fast, and then took th

Industry committee  Thank you, Ron. In terms of external access, the StatsCan network is well protected behind firewalls. People from outside who are trying to access StatsCan have to breach the firewall. We do have protective mechanisms and detective mechanisms. Also, there is a layer of defence t