# Questions 7.1 In a networked environment, is it possible to disable your product for one user without disabling the product for the entire network? 7.2 Does your product support encryption at rest, in transit or authentication (2- factor)? How are users authenticated? 7.3 Is your product able to support the requirements in the GC Security Control Profile for Cloud-Based GC IT Services for Protected B, Medium Integrity and Medium Availability (PBMM)? 7.4 Has your service been validated and verified through the Centre for Cyber Security (CCCS)’s Cloud Service Provider IT Security Assessment Process? 7.5 Describe how your product complies with the following Government of Canada security and privacy standards and policies: · Security Organization and Administration Standard · Operational Security Standard: Management of Information Technology Security (MITS) 7.6 Does your product allow for user profiles (role-based access)? 7.7 What level of redundancy exists in your data centres to ensure data recovery can be ensured? 7.8 Are any third-party vendors used in this solution? If so, have they verified by CCCS (Cloud Service Provider IT Security Assessment Process)?