MITS

The Management of Information Technology Security (MITS) standard defines baseline security requirements that Canadian federal departments must fulfill to ensure the security of information and information technology (IT) assets under their control. The DLP aspect of the policy applies to combinations of Personally Identifiable Information (like social insurance number or credit card number) with sensitive private information, such as health conditions, to promote compliance with the Canadian Privacy Impact Assessment mandated by MITS. Additional rules detect confidential information about the corporate network, and confidential documents, to promote compliance with the Canadian Government Security Policy. The rules for this policy are:

• MITS: Confidential Document
• MITS: Proprietary in Document
• MITS: Network Information and Security (Pattern and IP)
• MITS: Network Information and Security (Textual Pattern)
• MITS: Password Dissemination for HTTP Traffic (Wide)
• MITS: Password Dissemination for HTTP Traffic (Default)
• MITS: Password Dissemination for HTTP Traffic (Narrow)
• MITS: Password Dissemination for non-HTTP/S Traffic (Wide)
• MITS: Password Dissemination for non-HTTP/S Traffic (Default)
• MITS: Password Dissemination for non-HTTP/S Traffic (Narrow)
• MITS: SIN and CCN
• MITS: SIN and Common Medical Condition
• MITS: SIN and Sensitive Disease or Drug
• MITS: Social Insurance Number