.jpeg)
Jammu, Aug 25: J&K Govt issued instructions for ensuring adoption of cyber security practices, immediate disabling of USB/pen drives on all devices and use of GOV Drive, order copy with CTN reads as under:-
To enhance the cyber security posture of the Union Territory of Jammu & Kashmir, protect sensitive government information, and minimize the risks of data breaches, malware infections, and unauthorized access, it has been decided to prohibit the use of Pen drives on official devices across all Administrative Government Departments in Civil Secretariat Jammu and Srinagar, Deputy Commissioner Offices in all districts.
In exceptional cases where operational needs justify their use, controlled whitelisting may be permitted for up to 2-3 Pen Drives per Department, upon formal request routed through the respective Administrative head to the State Informatics Officer (SIO), National Informatics Centre.
After approval Pen Drive must be physically submitted to the respective NIC Cell for reconfiguration, authorization, and ownership registration prior to use.
As a secure alternative, Departments are strongly encouraged to adopt (https://govdrive.gov.in) GovDrive-a cloud-based, multi-tenant platform offering every Government official 50 GB of secure storage with centralized access and synchronization across devices, details of which are provided in Annexures I & II along with the user manual.
The use of public messaging platforms such as WhatsApp or unsecured online services like iLovePDF for processing, sharing, or storing official or confidential materials is strictly prohibited to uphold data sovereignty and prevent security breaches.
All sensitive technical information, including ICT architecture diagrams, system configurations, vulnerability assessments, IP addressing schemes, and strategic technology plans, must be classified as confidential and handled exclusively through approved secure channels in accordance with Information Security Best Practices by MHA, CERT-In directives, and departmental data classification policies.
Failure, to adhere to these instructions shall be viewed seriously and may invite disciplinary action under relevant rules governing official conduct, IT usage and administrative responsibility. These directions are issued with the approval of the competent authority and shall come into immediate effect.
All Departments are advised to accord top priority to the implementation of these guidelines in the interest of the secure and safe e-Governance.
ANNEXURE I
Step-by-step process to register on GovDrive Step 1: Registered account on Parichay i.e. mandatory for accessing GovDrive. Step 2: Go to URL: https://drive.gov.in Step 3: Click on the "Login" button given at the top-left corner of homepage. User will be redirected to Parichay Authentication Page. Step 4: Enter your existing Parichay login credentials in required fields and click the "Next" button to continue. User will be redirected to MFA page. Step 5: Choose any of the MFA options and click "Next" to continue. Post successful authentication, user will be redirected to the Registration Page. Step 6: Choose the "Register" button to continue. Now, the registration request has been sent successfully and will be approved within 24 hours. User will be notified via mail. Post approval: Step 7: User has to follow the same login procedure: Login > Parichay Login Credentials > MFA. Now post-successful Parichay authentication, user will be redirected to GovDrive user dashboard for using the dashboard of GOV drive and for data processing.
ANNEXURE-II
SOP for Usage of USB Storage Devices at Endpoints in Min(s)/Dept(s) In every entity, only a particular set of USB drives will be white listed (Globally). White listing of minimum number of absolutely required USB Drive in a given entity.
All other USB drives external to the given entity will be blocked (Globally). The global white listing will facilitate smooth internal exchange of information within an entity. White listing of any external/additional USB drive in an entity will be done only on request and authorization basis.
It is advisable that before using USB to any Internet systems, it should be formatted with a trusted DATA wipe Software.
Ensure the data copied to USB drive is backed up at another location in endpoint/desktop. Ensure that official USB drives are not connected to unofficial or non-compliant endpoints. Restraint from transferring executable/systems files using USB devices.
Any data needed from any external Pen Drive will be first sanitized in a designated standalone system and copied to a whitelisted pen drive.
Note: 1. All the USB drive intended to be whitelisted in the Min/Dept should be physically sent to NIC Cell to reconfigure and complete the process of authorization/ownership. 2. USB Policy for Meeting Rooms: All USB device are allowed on Standalone desktops/laptops (without any network connection at any time) used for Presentation. No USB Devices are allowed on network connected desktops/laptops. https://drive.g
|