PWGSC - IT Security Directorate (ITSD)

BLC has been contracted by PWGSC's IT Security Directorate to perform diverse critical assignments relating to Security. Some examples are:

	Specified and provided direction on specific configurations for various "security hardened" workstations processing Protected B information in Federal Government Departments. BLC delivered a report outlining how to configure and secure various workstations (User, Developer, System Administrator), as well as a test tool which provides a Workstation Security score mark.
	Defined and documented a local environment security architecture and standards profile within the context of the Risk Management Framework for a Protected B processing COTS environment. Determined generic standards (security services, security mechanisms, and recommended products), assurance qualification, and configuration requirements to deliver the necessary protection and accountability inherent with the processing environment. The necessary testing environment and plan (i.e. certification plan and types of testing scripts) to validate the recommended configurations were provided.
	Defined the vision, scope, strategy and D class funding estimate for the implementation of a Certification and Assurance framework.
	Designed and documented a risk management security product profiling standard and style-guide specifying a documentation standard to be implemented within the context of the PWGSC Risk Management Framework. Documentation standards, qualification of metrics for assurance declaration, development and resource requirements to produce a security product profiling reporting framework that supports C&A activities were delivered.

Since the Criminal Code of Canada provides specific direction as it relates to the interception of information, BLC was asked to define a reporting framework and establish procedures for performing monitoring activities as they relate to wireless LANs.