FGP Data Cube Platform

FGP GCC Rules of Behaviour

I assert my understanding that:

I am entrusted through issuance of my FGP user name and password with access to the FGP as a privileged user with a range of capabilities that may include the ability to add, modify, delete, approve, release FGP datasets, services and other information products; as such I have a responsibility to uphold all FGP Rules of Behavior in order to protect the integrity, availability and security of the FGP environment.

I realize the FGP is a Government of Canada information system that is provided for Canadian Federal Government-authorized use only. As such, my use of FGP information, datasets, services and systems must comply with all applicable Government of Canada laws, policies, standards and guidelines, including:

• Privacy Act
• Policy on Government Security
  
• Policy on Acceptable Network and Devise Use
  
• Values and Ethics Code for the Public Service
  

I assert my understanding that, as a standard FGP Account Holder/User, I must:

• Protect my user account password;
• Lock my workstation when left unattended;
• Log out of the FGP environment when leaving workstation at the end of day;
• Use my user account(s) only for the purposes they were intended, and not attempt to exceed the level of privilege my account allows;
• Notify FGP Client Services Desk immediately when my account is no longer required;
• Safeguard the information processed, stored, and transmitted on FGP systems from unauthorized or inadvertent modification, disclosure, destruction, and misuse;
• Take all necessary precautions to protect FGP assets from unauthorized access, use, modification, destruction, theft, disclosure, loss, damage, or abuse, and treat such assets in accordance with any applicable information management and security policies;
• Immediately report to FGP Client Services Desk any known or suspected security incidents, known or suspected information security policy violations or compromises, or suspicious activity observed in the FGP environment;
• Not use FGP to store, make available or transmit private, protected, or sensitive information or datasets;
• Cultivate awareness of all applicable Government of Canada Information Management and Security polices; and
• Complete any specialized role-based training as required before receiving a standard FGP account

I assert my understanding that, as a standard FGP Account Holder/User, I must not:

• Share my user account(s) login name or password(s);
• Use FGP to store, make available or transmit private, protected, or sensitive information or datasets;
• Install, modify, or remove any system hardware or software;
• Remove or destroy system audit, security, event, or any other log data;
• Acquire, possess, trade, or use hardware or software tools that could be employed to evaluate, compromise, or bypass information systems security controls;
• Introduce unauthorized code, Trojan horse programs, malicious code, or viruses into FGP environment;
• Knowingly write, code, compile, store, transmit, or transfer malicious software code, to include viruses, logic bombs, worms, and macro viruses; and
• Attempt to circumvent any FGP policies or security controls.

I assert my understanding that, as a Collaborative Mapping Environment Account Holder/User, I must:

• Comply with the above; and:
• Comply with terms of any software licenses (that is, AGOL);

I assert my understanding that, as an FGP Workspace Administrator Account Holder/User, I must:

• Comply with the above; and:
• Establish and manage authorized user and system (for example, service accounts) accounts for FGP according to the rule of least privilege, and will remove authorizations when access is no longer needed;
• Not elevate the privileges of any user without prior approval from the designated manager;
• Create other user accounts only after receipt of an approved system access authorization request (automated or manual);
• Complete specialized Workspace Administrator training as required before receiving privileged system access.

I assert my understanding that, as an FGP Representative Administrator Account Holder/User, I must:

• Comply with the above; and:
• Complete specialized FGP Representative Administrator training as required before receiving privileged system access.

Consent to Monitoring Provision

By logging on to the FGPO GCC system I acknowledge that when I access the FGP system environment, I consent to:

• Routine monitoring of system activities within the FGP environment for purposes including, but not limited to, penetration testing, communications security monitoring, and network operations and defense;
• Routine monitoring of all user accounts for frequency, duration and purpose of activities within the FGP environment for purposes of account management and gathering and analysis of system metrics; and
• Collection and retention of system logs to support system audit function; for purposes of account management and gathering and analysis of system metrics.

By logging on to FGP GCC, I am acknowledging the FGP GCC Rules of Behaviour, and agree to comply with these rules when accessing the FGP GCC system.