Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Information Security Awareness
Transcript of Information Security Awareness
K To Z Files
Information Security Awareness
The Security intranet site has several guides and tools to assist employees.
: PINs are not subject to ATIP.
: PINs can by subject to an ATIP request and not providing them can be met with large fines
The security classification follows
Originator determines the level of security
Sensitive information received by X must be assessed and assigned the proper designation
*Always ensure that the designation matches the highest sensitivity contained therein.
PROTECTED A - limited personal injury
ex. Exact salary,
PROTECTED B - Serious personal injury
ex. SIN with other personal info, medical information.
PROTECTED C - Extremely grave personal injury
ex. Informant information, witness protection
Guides on the Intranet
PIN to Email
* Must identify and categorize information, by which unauthorized disclosure could reasonably be expected to cause injury to:
Private and other non-national interests
The national interest
NEED TO KNOW PRINCIPLE
CONFIDENTIAL - When disclosure might reasonably be expected to cause injury to the national interest.
SECRET - When compromise might reasonably cause serious injury to the national interest.
TOP SECRET - When compromise might reasonably cause exceptionally grave injury to the national interest.
Access to sensitive information and assets must be limited to those whose duties require such access.
Simply having the appropriate clearance does not entitle you to access the information!
Presentation to X
September 18, 2013
Declassification and Downgrading
Information must be classified or protected only for the time it
is the removal of the classification entirely
is the reduction of the classification.
Examples: Budget before release, Cabinet document
Changes are made in ink, dated and
1. Consult with originator/owner of info.
if they cannot be found, consult manager of
organization that originated or owned asset.
2. Communicate in writing that the change is
Secure discussion areas
Employees and Managers Security Guides
Transmittal of Sensitive information
Transport of Sensitive information
Handling sensitive information
Departmental Online Awareness (DOLA)
PIN TO PIN
*PIN-to-PIN transmission security
*PIN Address vulnerability
*Bypass of Virus/Malware Scanning and
*BBs with PIN to PIN usage should
not be recycled
*Useful tool for emergency situations
Is acceptable up to Protected B
Security vs. Convenience
**Remember to lock up USBs containing sensitive information**
*only forward PINs that are work related*
*ensure you use
PIN to PIN
PIN to PIN is more secure than email
PINs can easily be sent to the wrong person.
PINs are saved to the actual device
Secret vs. A secret
Over classification can be
costly to store and handcuff
you when the time comes
to share it.