CyberSecure Canada

CyberSecure Canada Cybersecurity Controls

With Tehama you can leverage a SOC 2 Type II end-user compute environment and achieve and maintain regulatory compliance requirements for heavily regulated industries such as banking, financial services, health care, energy and utilities, insurance and government enterprises. The Tehama solution has 107 SOC 2 Type II controls built into the platform, saving you time and resources on your internal SOC 2 Type II audits.

Cybersecure Canada Logo

CyberSecure Canada Cybersecurity Controls 

The federal government of Canada’s new Centre for Cyber Security CCCS recently announced a new two-year cybersecurity program. The goal of the new program, CyberSecure Canada, is to help small and medium-sized businesses (SMBs) achieve a minimum required level of cybersecurity.

The program is also focused on increasing consumer confidence in the digital economy, promoting international standardization, and giving SMBs the ability to better compete globally.

The certification is comprised of a baseline set of cybersecurity controls developed by the Canadian Centre for Cyber Security. These controls include establishing an incident response plan, regularly patching operating systems and applications, and using security software and securely configuring devices.

Four of these critical controls can be addressed with Tehama to help SMBs achieve certification; strong user authentication, secure perimeters, secured cloud and outsourced IT services, and implementing access controls.

1 Develop an Incident Response Plan
2 Automatically Path Operating Systems and Applications
3 Enable Security Software
4 Securely Configure Devices
5 Strong User Authentication
6 Provide Employee with Awareness Training
7 Back Up and Encrypt Data
8 Secure Mobility
9 Establish Basic Perimeter Defences
10 Secure Cloud and Outsourced IT Services
11 Secure Websites
12 Implement Access Control and Authorization
13 Secure Portable Media

With Tehama’s secure and compliant virtual desktops SMBs can quickly and securely onboard employees and third-party IT services providers to access systems. Tehama enables any end-user device to securely connect to systems without the risk of malware intrusion or data breaches and intellectual property theft.

Tehama provides all the components for secure cloud-based Windows or Linux workspaces, including dedicated encrypted network channels, firewalls, access and role restrictions, MFA user authentication and geo-fencing, storage, and end-user compute infrastructure (virtual and secured desktops with auto-patching and updates to keep your OS secure), and deep audit logs within a secured perimeter called a Room —making it easier for you to achieve your cybersecurity goals. 

Each secure virtual Room is configured to work directly with the organization’s network via the Tehama gateway, which encrypts and restricts all traffic flow to within your network only. The secured network eliminates the risk of third-party attacks. Virtual desktops are accessible via the Tehama Web UI — that  requires strong MFA authentication.

Session recordings show all user activity performed in a Room, right down to the keystroke, for exceptionally accurate auditing as well as forensic analysis and live viewing for training and monitoring purposes. The File Vault is an encrypted storage volume that enables secure information-sharing, fully isolated from any other Rooms to ensure zero data leakage. The Secrets Vault provides secure storage of credentials and firewall rules for privileged-access assets — with masking to prevent the possibility of copying credentials outside the Tehama platform.

Tehama allows you to set strict policies for data and application access with robust user identity management and “just-in-time” user provisioning through SCIM and SAML. Access to credentials and other assets is available only after successful two-factor authentication and single-use passwords prevent access after a session has ended. 

Tehama allows you to set strict policies for data and application access with robust user identity management and “just-in-time” user provisioning through SCIM and SAML.