Warns of disciplinary action for non-compliance
Bivek Mathur
JAMMU, Nov 25: The Jammu and Kashmir Government has directed its officers and officials to stop using WhatsApp, Gmail and other similar third-party platforms for transmitting sensitive, secret, and confidential communications.
Follow the Daily Excelsior channel on WhatsApp
According to Government, this practice (sharing information using third party tools) of the Government employees has been posing significant risks to the integrity and security of the information being communicated.
These directions were issued after the Jammu and Kashmir Government observed an increasing trend of officers using third-party communication tools like WhatsApp, Gmail, and other similar platforms to transmit sensitive and confidential information.
A circular issued by the General Administration Department highlighted the risks of using third-party platforms, such as “unauthorized access”, “data breaches”, and “leaks of confidential information”.
It emphasized that these platforms are not designed for handling classified information and may lack the necessary security measures for official communications.
To mitigate these risks, the Government has issued new guidelines for handling sensitive information.
Under the new set of guidelines, the classified information is categorized into four levels: “top secret,” “secret,” “confidential,” and “restricted.”
According to the Government, “top secret” and “secret” documents must not be shared over the internet.
Quoting the National Information Security Policy Guidelines (NISPG), the Government stated that these high-level documents should only be shared through closed networks with leased line connectivity and SAG-grade encryption mechanisms.
Further, the GAD circular claimed that “confidential” and “restricted” information may, however, be shared over the internet, provided the networks used have commercial AES 256-bit encryption.
The Government has strongly recommended using official communication channels, such as Government email (NIC email) or Government instant messaging platforms like CDAC’s Samvad and NIC’s Sandesh, for transmitting confidential and restricted information.
“Officers must also ensure that they correctly classify information and avoid downgrading high-level documents for convenience,” ordered the Government.
For secure office communication, the Government has stressed the need for departments to deploy proper firewalls and maintain a white-list of IP addresses.
“The e-Office system should only be accessed through a Virtual Private Network (VPN) for enhanced security. However, top-secret and secret information must only be shared through e-Office systems using leased line networks with SAG-grade encryption,” directed the Government.
Regarding video conferencing, the Government has mandated the use of official solutions provided by CDAC, CDOT, and NIC.
As per the GAD circular, meeting IDs and passwords should be shared only with authorized participants, and additional security features like ‘Waiting Room’ and prior registration should be used.
“Top-secret and secret information should not be discussed during video conferences,” ordered the Government.
For officials working from home, the Government has recommended using security-hardened devices connected to office servers via VPN and firewall setups.
Importantly, top-secret and secret information must not be shared in a work-from-home environment, ordered the Government.
Additionally, the officials have been advised to keep digital assistant devices, such as Amazon’s Echo and Apple’s HomePod, out of offices when discussing classified matters.
Smartphones should also be kept outside the meeting room during official discussions involving sensitive information, ordered the Government.
The J&K Government has emphasized that all officers and officials must adhere strictly to these guidelines to ensure the confidentiality and security of official communications.
“Non-compliance may lead to disciplinary action,” warned the Government.
Follow our WhatsApp channel
