Information Technology Services
Information Technology Services

Cybersecurity Action Plan 2019-21

Queen’s University is making significant investments to ensure there is a secure foundation for Queen’s digital environment. IT Services has developed a multi-year Action Plan to launch the Cybersecurity Program and to implement priority cybersecurity projects. A comprehensive communications and change management program is also being undertaken to support the success of these initiatives.

What’s coming?

  • Many of you may already be aware of the Multi-Factor Authentication (MFA) initiative, which helps validate the online identities of users accessing Queen’s resources. MFA was rolled out to staff over the summer; faculty, student-staff and students will be scheduled for enrolment during the fall.
  • In October, a new solution will be introduced to ensure the health of user devices (laptops, desktops, smartphones and tablets) accessing Queen’s resources. The Endpoint Protection project will provide instruction on how to enrol our devices in Microsoft Intune.
  • Also in October, IT Services is launching a new platform for cybersecurity Education and Awareness that focuses on leading practices to identify cybersecurity risks and what we should be doing to respond to them.
  • Early next year, our Network Authentication capabilities will be enhanced to further secure our data and systems.
  • A number of other capabilities are also being introduced as services that will not have widespread end user impacts, but will significantly enhance Queen’s cybersecurity posture. Some of these key initiatives include:  developing enterprise security reference architectures and patterns; maturing and expanding the Vulnerability Management Program as well as our Security Operations Centre capabilities; operationalising our Cybersecurity Incident Response Plan; and enhancing the security of our cloud environment.

What do you need to do?

A number of these projects will require action from our user community, and there will be steps we all need to take to help ensure the security of our online environment as a result of these initiatives. IT Services will distribute emails with details about the specific actions that are required; look for communications coming from the Cybersecurity Action Plan Communications mailbox (

You may also hear about these projects from your leaders, from cybersecurity Change Advocates within your units, or from articles published in The Gazette.

You don't need to wait! You can register for MFA or enrol your device(s) for Endpoint Protection at anytime. Please see the tutorials (MFA, Endpoint Protection) for guidance.

Additional resources

For researchers

Please note the following newly-released (September 2020) cybersecurity guidance and resources. The initiatives in Cybersecurity Action Plan 2019-21 are directly aligned with the recommendations in these publications: