Talent Development Centre

Tag Archives: security

All Talent Development Centre posts for Canadian technology contractors relating to security and security clearances.

IT Challenges and Priorities of North American Companies

IT Challenges and Priorities of North American CompaniesHow up-to-date are you on the struggles and strategies of your industry? Understanding what companies are facing can help you plan which skills you will enhance over coming months, as well as help you develop a better sales pitch for your contracting business. There are plenty of sources and studies available to help you understand potential clients’ agendas, and new research is being published regularly. Here are a couple recent ones…

A CDW Canada survey of Canadian organizations learned that their top security concerns are intrusion prevention (39%) and Ransomware protection (35%). Even with these concerns, most are still exploring or implementing cloud deployments; in fact, half of them are planning hybrid solutions in 2017. While most organizations are adopting cloud strategies in one way or another, only 16% would consider themselves a “cloud-first” organization.

The survey revealed some additional IT-related priorities for Canadian organizations. For example, when asked about emerging technologies that will have the most impact on their business, the top responses were analytics and big data, as well as the Internet of Things (IoT). In addition, 10% plan to replace legacy tools and applications with new technologies and 31% plan to upgrade or update their current tools and applications in their unified communications strategies.

South of the border, mid-market US-based companies are having a challenging time attracting and retaining IT talent — that’s according to a recent CFO Research survey. The findings detail how 49% of finance executives state that their challenges to keep tech professionals in the company have an adverse effect on them. Once they do secure IT employees, the struggles with those people continue with technical competency, strategic planning and vision, industry knowledge, project management, and customer service skills.

Naturally, the US companies surveyed are dealing with their issue by turning to external services. Rather than training or continuing their search, CFO Research learned that most are bridging the gap by moving to cloud services and eliminating a need to source, manage and maintain computer hardware, as well as turning to managed IT services. Regardless of their concerns about costs, the provider’s ability to understand the company, service quality or security breaches, the overall feeling among the executives surveyed is that this solution has been successful.

Have you come across any recent studies about your industry that help you prioritize your training? If so, please share the links below so other readers can benefit.

How to Create (and remember) the Perfect Password

How many logins do you have? We’re bombarded with online accounts where we need to create a username and password every day. The result is using the exact same, terrible password in hopes that we’ll remember it. As an IT professional, you already know this is terrible practice, but so many are still using the old “Password123” security method.

Perhaps that one-off account you created to leave a comment on a blog wasn’t all that important, but you do need to place priority on strong passwords for websites like banking and email. This infographic from WhoIsHostingThis provides rules for a strong password (you’ve seen them all before) AND it provides some tips on remember and managing your passwords.

How to Create the Perfect Password - Via Who Is Hosting This: The Blog

Source: WhoIsHostingThis.com

Secure Yourself in the Internet of Everything

The Internet of Things (IoT) has made our lives exciting. Innovators are working overtime, doing their best to connect everything imaginable to the internet. In fact, if you speak to some people in the industry, they’ll tell you companies’ approaches are often to create a solution first and then hope there’s a demand from consumers. The result is an influx of random items we can control with our smartphone, even if we really don’t care to do so.

As fun as it may be to have every smart device connected, it can come with many risks. Anything connected to the internet can also be attacked, which brings the adventure from fun to concerning. If you’re the type who likes to get every smart gadget and dive into IoT innovations, then make sure you also understand how to protect yourself against certain risks. This infographic from TrendMicro can help you start to understand the possible attacks on the Internet of Everything and how to secure your smart device ecosystem.

Layers and Protocols: Possible Attacks on The Internet of Everything #infographicYou can also find more infographics at Visualistan

How Weak Are Your Passwords?

“Passwords are like apples in a fictional garden” – that’s the opening phrase in this video from Seeker. In it, they explain the basics of how passwords work, different security strategies, and above all, how hackers understand all of this to break into your account.

We create passwords for everything — social networks, job boards, online stores, government websites, the list is endless. As such, you should regularly review your security processes to ensure you’re not being hacked. One simple slip can lead somebody to your banking and identification information, which could in turn complicate your life beyond belief. So, we strongly encourage you to review this video. If you’re an IT security expert, we’d love your suggestions as well! Please share any additional tips in the comments below.

2017: The Year of Encryption Everywhere (Infographic)

Security is far from a “rising trend” in 2017 — it’s a fact that has now ruled the internet for years and is not going anywhere. One thing we can be certain of is that as hackers get more sophisticated, so too must our security, and specifically encryption.

According to this infographic from the SSLShop, 2017 is going to see the most encryption yet, due to a number of factors, including Google’s upcoming browser features. If you’re involved in any website or security projects, have a look to see what you can expect in the coming months. Is there anything you can add or would reject from the list?

2017 The Year Of Encryption Everywhere #Infographic

The Top Threats to Mobile Security (Infographic)

There’s a good chance you leverage your smartphone for all sorts of reasons beyond just a telephone. Independent contractors often use their mobile devices to stay organized, connect with colleagues and clients through social media, search and apply for jobs, and a whole variety of leisure activities.

As convenient and helpful as our smartphones are, they can also be quite vulnerable if you fail to take the right steps to protect yourself. That’s why Vasco created this infographic. Have a read  to learn more about the most common mobile menaces and get some tips to prevent them.
Top Threats to Mobile Security and What you Can do to Prevent Them #infographicYou can also find more infographics at Visualistan

2015 in Review: Working in the Federal Government

2015 in Review: Working in the Federal GovernmentIndependent contractors who have worked with government clients know that the experience can be completely different from working in the private sector. There are often more processes and longer timelines, with various hoops to jump through.

In the past year, David O’Brien, Eagle’s Vice-President of Government Services, has shared a few important pieces on this topic, specifically with the Federal Government. If you’re in the National Capital Region and haven’t already seen some of these posts, have a look:

How Thieves Use Social Media To Rob You (Infographic)

Are you planning any travel in the next couple weeks? Make sure your home is safe while you’re away. Social media makes it easier for us all to connect with friends and family, and in many cases, gives us resources to improve our work. Unfortunately, it also gives burglars an advantage in their work!

Before you post your holiday adventures on social media, take a look at this infographic from Distinctive Doors. It shares some eye-opening facts and statistics.

Organization Security Screening & Federal Contractors

David O'Brien By David O’Brien,
Vice-President, Government Services at Eagle

Private Sector Organization Screening (PSOS) – Answers to IT independent contractors’ frequently asked questions

Private Sector Organization Screening (PSOS) - Answers to independent contractors' frequently asked questionsA little over a year ago, I posted about the Canadian Industrial Security Directorate’s (CISD – a division of PWGSC) requirement for all independent contractors doing business with the Feds to clear their incorporated entities under the Private Sector Organization Screen (PSOS). Since then, many contractors at Eagle have been through the process and we all learned more about it, including some of the common questions. Here are the answers to some of the questions we hear, as well as a few tips to help you through the PSOS process:

Wait, what’s happening?

Independent contractors working in the Federal Government have always been required to get personnel security screening at some level (ex. Reliability Status, Secret Clearance, etc.). These clearances were completed by the organizations through whom they were subcontracting. For example, when contractors work through Eagle, we either submit a request for a new personnel clearance or duplicate their current one. Regardless of what happens, Eagle ends up “owning” the clearance and, at least in the eyes of CISD, the contractor is considered part of Eagle’s personnel (even though that is not the case). Eagle is able to submit and own security clearances because we have a Facility Security Clearance (FSC), meaning Eagle, as a corporation, is security cleared.

In 2012, CISD implemented a new process. Rather than incorporated independent contractors having a personnel clearance owned by many different organizations, they are instead required to gain clearance for their own corporation. Once that is complete, their corporation will hold their personnel clearance.

What’s the process to get this done?

Upon signing your new subcontract, the prime contractor (often a staffing agency) is responsible for ensuring both your corporation and the personnel completing the work (you) hold the proper clearance. If your corporation is not already cleared, the prime contractor will be responsible for “sponsoring” your corporation to receive the appropriate clearance.

The prime contractor will complete the necessary paper work to initiate the process and submit it to PWGSC.  Once that paper work is processed (usually a couple weeks), you will receive an email from PWGSC containing some forms.

You will need to complete and submit the forms within 30 days. After which, PWGSC may come back to you with some more questions and request a brief interview. You can find the complete step-by-step process here.

What security level will I be cleared to?

Security fingerprintYour corporation will either require Designated Organization Screening (DOS) or Facility Security Clearance (FSC).  This will depend on the security requirement of your contract. If you’re only required to hold Reliability Status, you will be cleared for DOS. If you require Classified, Secret or Top Secret Security Clearance, you would require FSC.

In some cases, a contractor’s corporation may already hold one status but require a higher level for the new contract. In this case, the prime contractor would have to sponsor the corporation for an upgrade.

How can I get started?

You cannot be sponsored for PSOS unless you are on an active contract that requires security clearance.

How long will it take?

The process varies, but we’re hearing from contractors who have already completed it that it takes approximately 1 year.

How can I prepare?

If you are expecting to start the process soon, you can prepare by gathering some of the information that will be asked in the initial Application for Registration, including:

  • Business Procurement Number – this is a mandatory requirement to do business with the Federal Government. As long as you have an HST number, you can get your PBN here.
  • The owners of the corporation and their ownership percentage – For an independent contractor, this is usually just themselves and, in some cases, their spouse or a business partner.
  • Company Security Officer (CSO) and Alternate Company Security Officer (ACSO) – The CSO would be the independent contractor (you). The ACSO is only required if you have more than one employee.
  • Any Key Senior Officials (KSOs – owners, officers, directors) – Again, this is usually just the independent contractor and maybe one other person.
  • Security Clearances for the CSO, ASCOs, KSOs, and any personnel who will be performing work – In many cases, you will wear all of these hats. You also probably already have the necessary clearance. If you are in a situation described above where you have another ACSO or KSO and they are not cleared, contact your agency to see if they can help get that process started immediately.
  • Review the other forms that will come your way – some of the initial forms that PWGSC sends you can be found online, including:

Will I need to go through the entire personnel security clearance process again?

No. If you already have a valid personnel security clearance, you will only need to complete the Personnel Security Screening Form. At the top, in Section A, you would select “Transfer” so your personnel clearance would be brought over to your corporation after it gets cleared.

How will this change the way I do business?

There will be very few changes in how you do business, although you will see some benefits such as:

  • You will no longer have to duplicate your clearance every time you start working with a new agency
  • You will be able to work directly with PWGSC to issue your own security clearance renewals and ensure it does not expire.
  • You will no longer be considered “Personnel” of your agency, which helps further separate you from being an employee in the eyes of the CRA

Will it affect my current contract?

Your current contract will not be affected by the PSOS process. According to CISD regulations, a subcontract should not begin until PSOS is complete; however, PWGSC recognizes that this would have significant impact on business and are allowing a transition period. Your contract will be allowed to start using your personnel clearance owned by your agency.

What if I decide not to do this?

As noted above, there is a grace period to get your corporation cleared; however, that will not last forever. If you choose to ignore the forms and not clear your organization, eventually you will not be able to work on Federal Government contracts that require security clearance.

Hopefully this helps clear things up for you. If you do have any other questions, or would like to share your personal experience with the PSOS process and some tips for getting through it, please feel free to do so in the comments below.