Skip to content

Background

nsdeschenes edited this page Sep 20, 2021 · 1 revision

Government of Canada departments are required to use the HTTPS protocol, approved encryption algorithms, and approved certificates as outlined in Implementing HTTPS for Secure Web Connections: Information Technology Policy Implementation Notice (ITPIN). These measures ensure the secure transmission of data online and the delivery of secure web services.

In addition, Government of Canada departments are required to configure SPF, DKIM, and DMARC records as outlined in the Standard on Email Management. These records help prevent phishing attacks and email spoofing.

Measuring and tracking policy compliance takes effort, time, and domain knowledge. The Track web security compliance tool makes that process easier for both the domain owners and policy owners.