Internet security

The Internet is a worldwide network that links thousands of computer networks and millions of computers. It started in the late 1960s as a tool for universities and laboratories conducting research on computer networks. It has grown and developed from being a tool used by research scientists in very limited ways, to being available to virtually anyone in the world with a computer and an Internet connection, for purposes ranging from entertainment to education, to business. Security was not a primary concern in its design.

Because of its widespread use and availability and the lack of comprehensive security considerations, the Internet in general is not secure. Destructive or malicious acts, unwelcome software, and the spread of viruses place computers and data at risk if appropriate precautions are not taken.

There are many steps you can take to reduce potential risks associated with using the Internet. Robust solutions to fight problems with security on the Internet are continually being developed to help electronic transactions carry the same level of security as paper-based transactions.

The Government of Canada and the Canada Border Services Agency (CBSA) continue to make more and more of their services available electronically. The Government On-Line initiative, which aims to make all key federal government services available through online transactions by 2005, has accelerated this process. The trend toward online service means that effective Internet security is a basic necessity for you to do business with us.

We are committed to providing a secure online environment so that Canadians can find information and complete transactions with us. We use various Internet security tools to address Internet security concerns. Internet security requires a partnership between two parties—in this case, you and us. We have extensive security tools in place to protect your confidentiality, and our Web site enforces specific standards that you must follow to ensure that your personal information is protected when you transact with us online.

What we do to ensure security

The Internet is an open and public network. When it comes to doing business transactions or providing services involving confidential data, extra safeguards must be in place. We take steps to ensure the safety and integrity of transactions on our Web site. We ask that you do not transmit personal information to us using unsecured email because we cannot be sure of who is sending the message. We also won't send personal information through unsecured email because we cannot ensure your confidentiality. We provide alternate secure methods of communications for your use.

CBSA uses specially configured computer Web servers for any business we do with you. We use corporate firewalls to protect our Web servers from unauthorized access. Your personal information is not stored on these servers; we securely store your personal information on separate computer systems that are not directly accessible from the Internet.

When transmitting personal information, access to our Web servers is limited to Web browsers that meet our security standards of encryption. We ensure that your personal and financial information is encrypted—or scrambled—when it is transmitted between your computer and our Web servers. This ensures that computer hackers and other Internet users cannot view or alter the data being transmitted. Our standard for encryption is the 128-bit Secure Sockets Layer Version 3.0 (SSLV3) protocol. This is one of the most secure forms of encryption available in North America and is a typical requirement for Web-based services—such as online banking or shopping—where securing personal information is a priority.

See our privacy statement for a summary of our Web site privacy policy and practices.

What you should do to ensure security

You have to follow some security guidelines to do online transactions with us. We also suggest precautions that you should take to maximize your protection.

For a secure transaction, you must use a Web browser that meets our security standards. Your browser is automatically tested before you begin a transaction, but you can also use our browser test to check it. In addition, you should keep your browser and operating system up-to-date by regularly applying available patches. Check with the supplier of your browser and operating system for more details.

For many of the transactions you can do online with us, you have to identify yourself properly. You need to give us three pieces of confidential information before you can use our confidential areas and services. These three pieces of identity information are used to create your digital signature. Make sure that you keep this information and any passwords or access codes confidential so that others cannot use your digital signature.

You should change your password regularly. A good password is made up of letters (a mix of upper and lower cases), numbers, and characters, does not contain names or words found in the dictionary, and cannot be easily guessed.

You should have anti-virus software on your computer and update it regularly. Remember to regularly scan your computer for viruses. You may consider installing a personal firewall (some of which are free) on your computer to help control connections between your computer and other computers on the Internet, and to notify you of any attempted attacks on your system.

For many of the electronic services we offer you have to enable your browser’s cookies. Like with many Internet Web sites, the cookies help us to establish a secure session between you and us. Using cookies for this purpose does not put your computer or personal information at risk. We do not store any personal information in the cookies.

After you complete your visit with us, you should clear your page cache. You can do this by following the instructions on clearing your caches. You should also clear the browser’s cookie cache by closing and reopening your browser. By taking these steps, any cookie data that was saved in your cache during your visit to our Web site will be removed from your computer and will not be available to any unauthorized user.

For more information, visit our Internet security tools Web page.