DFAIT represents Canada worldwide through a network of embassies, consulates and diplomatic offices. These entities are commonly referred to as missions. Missions can be classified as Classic, Small, Micro, Homing. They are staffed by Canadian–Based Staff (CBS) and Locally Engaged Staff (LES). To meet its need to provide departmental communications, DFAIT has created a telecommunications system which incorporates both a dedicated Private Branch Exchange (PBX) system and an Octel 250 or pilot at each mission. All missions and Headquarters are connected for both voice and data traffic via the Multi–User Integrated Telecommunications Network (MITNET).
MITNET is a Wide Area Network (WAN) based on Time Division Multiplexing (TDM) or Multi–Protocol Label Switching (MPLS) technology that traverses the globe and serves all missions via landlines or satellite. TDM is being replaced with MPLS technology. As of writing, four missions still rely on TDM technology and 40 utilize satellite transmission. In addition to enabling data transfers, MITNET also carries voice data.
The Octel system is a voice messaging system which allows staff from Headquarters and missions to communicate from any touch tone phone 24 hours a day with one or more persons. Services offered via DFAIT owned and operated equipments at Headquarters as well as missions across the globe.
In order to deliver a consistently high level of service, telephony traffic is prioritized when traversing the WAN. In addition to being assigned a high “class” of service, the voice traffic is also sent “in the clear” and is not encrypted through an Internet Protocol Security tunnel. This reduces the amount of overhead involved with voice communications and therefore reduces the latency involved with processing voice data.
DFAIT has the capability of encrypted voice service using a limited number of encrypted type–1 Secure Telephones that are connected to the PBX. It must be noted that any voicemail resulting from these telephone sets are not encrypted and are clear in nature.
There are two types of personal information collected and maintained within the MITNET system:
The Privacy Impact Assessment (PIA) was developed as part of the Department’s commitment to protection of personal information. It also meets the MITS requirements obligating departmental major services to undergo a security and privacy assessment at this point.
While there were no risks found during the examination of the Departmental Telephone and Messaging System’s PIA, it is advisable to the Department to undertake the development of additional privacy statements into the Network Acceptable Use Policy for awareness of all employees.