Secure Data Stewardship

Protecting Nation Data

First Nations governments manage sensitive information about citizens, programs, and governance activities. Protecting that information is essential to maintaining trust and ensuring responsible data stewardship.

The Build Your Own Data Centre (BYODC) platform provides secure digital infrastructure where Nations can store, manage, and access their data while retaining full authority over how that information is governed and used.

The platform combines modern security practices with Nation-defined governance controls to support First Nations data sovereignty.

What Partner Nations Say:

"Data sovereignty is coming at the forefront of every conversation [and] data sharing agreements are starting to shift [thinking]."

— Project Lead, Skeetchestn Natural Resource Corporation

Nation-Controlled Data Workspace

Within the BYODC, each Nation operates within its own secure data workspace. While the platform provides shared infrastructure, each Nation retains authority over how its data are organized, accessed, and used.

Nations determine who can view, edit, or manage datasets by assigning permissions based on staff roles and responsibilities. This allows the right people to access the information they need while maintaining strong protections for sensitive data.

How Data Are Protected

Role-Based Access Permissions

Nations assign access according to staff roles and responsibilities, ensuring that sensitive information is only available to the appropriate users.

Secure Data Storage

Data are stored within professionally managed infrastructure in Canada designed to protect against unauthorized access, loss, or system failure.

Encryption and Data Protection

Sensitive information is encrypted both while stored and when transmitted between systems, helping ensure that data remain secure throughout their lifecycle.

Privacy Safeguards

Built-in privacy protections help prevent the accidental disclosure of personal information. These safeguards support responsible data use while maintaining the confidentiality of citizens.

Alignment with OCAP® Principles

The BYODC supports data governance approaches aligned with the principles of Ownership, Control, Access, and Possession (OCAP®). Nations retain authority over how their data are collected, stored, accessed, and used.

Frequently Asked Questions

  • We implement a multi-layered security approach that includes advanced encryption, strict access controls, and continuous monitoring. Data is encrypted both in transit and at rest (when it is not being actively accessed or used) using Transport Layer Security (TLS) 1.2 or higher and Advanced Encryption Standard 256-bit encryption (AES-256), respectively. We also enforce Nation-specific data segmentation (each Nation’s data is treated distinctly) and role-based access control (RBAC) (only authorized roles can view or use the data) to ensure that data access is restricted according to community-defined roles and permissions.

  • The technologies deployed in this project reflect industry standards. Our protocols for data protection, including TLS, and our encryption methods, including AES-256, are often described as "bank-level" or "military-grade”, reflecting their strength and reliability. This extends to configuration and application-level decisions, for example, when we need to, we use standards agency-approved hash functions (cryptographic tools for secure password storage) configured for maximum security, providing robustness and defense-in-depth against unauthorized access.

  • Ownership, Control, Access, and Possession (OCAP®) is embedded in the demonstration project, and reflected in our policy and practices. The fundamental premise underlying all of this work is that of First Nations data sovereignty – as such, Nations make all decisions about user permissions, data access, data sharing, and data use. Nations have significant autonomy to customize naming and look and feel. The Centre maintains comprehensive audit logs to maintain transparency and accountability in how OCAP® is upheld and data sovereignty protected.

  • For any questions or concerns about our security practices, please reach out to the BC RIGC Directed Demonstration security team at info@bcfnrigc.ca. We are always available to discuss and collaborate on ensuring the highest standards of data protection and sovereignty.

If you would like to read more details on our approach to data security and additional frequently asked questions, you can access the comprehensive PDF on data security here.

The best way to understand how the BYODC protects Nation data is to explore the platform directly.

Request a demonstration to see how secure data environments and governance controls work in practice.

See How the Platform Protects Your Data

Get in Touch
Get in Touch