Highlighting the risk of using third-party platforms like WhatsApp and Gmail to send official documents, the Jammu and Kashmir government issued detailed guidelines on Monday for securing sensitive and classified official communications.
Government officials have been directed to strictly use government email services and its secure instant messaging platforms for transmitting confidential and restricted information, reported PTI on Monday.
“It has come to the attention of the administration that there is an increasing trend among officers and officials to use third-party tools such as WhatsApp, Gmail and other similar platforms for transmitting sensitive, secret and confidential information,” PTI quoted Commissioner Secretary, General Administration Department, Sanjeev Verma. He also added that the use of third-party tools can lead to unauthorised access, data breaches, and leaks of confidential information.
Emphasising the lack of strict security protocols in communication platforms like Gmail and WhatsApp, Verma said, “The use of such tools could jeopardise the integrity of governmental operations and lead to severe security breaches.”
The administration has directed officials to abstain from using Gmail and WhatsApp and instead prefer government messaging platforms like NIC email, Samvad, and Sandesh for confidential and restricted communications.
The order also stressed the implementation of firewalls, white-list IP addresses and ensuring access to e-Office systems through Virtual Private Networks (VPNs).
"The departments are required to implement firewalls, white-list IP addresses and ensure access to e-Office systems through Virtual Private Networks (VPNs). Only authorized personnel are permitted to use these systems. Top secret and secret information should only be transmitted on leased-line networks," PTI quoted Verma.
Verma emphasised to officials that the internet should not be used to transmit information classified as top secret or secret. Instead, the details should be shared through closed networks with SAG-grade encryption, according to the PTI report.
Referring to fresh guidelines on video conferencing (VC), the circular stated that only government-approved VC solutions from CDAC, CDOT or NIC are permitted.
“Access controls such as waiting rooms and participant registration are mandatory. Top secret and secret information must not be discussed during VC meetings,” he added.
