Govt issues new guidelines for handling sensitive communication

Srinagar, Nov 25: In a bid to enhance security and prevent data breaches, the Jammu and Kashmir Government on Monday issued a directive stressing the importance of discretion when handling sensitive, secret, and confidential official communications.

According to a circular issued a copy of which lies with Greater Kashmir reads, a growing trend has been observed among government officers and officials using third-party communication tools, such as WhatsApp and Gmail, to transmit classified information.

It reads, this practice, the administration warned, poses significant security risks, including unauthorized access, data breaches, and leaks of confidential information. These platforms, the government emphasized, do not meet the stringent security protocols required for official communication.

“The circular outlines strict guidelines for the handling of classified information, classified into four categories: TOP SECRET, SECRET, CONFIDENTIAL, and RESTRICTED.”

It reads as, TOP SECRET and SECRET documents, according to the circular, should never be shared over the internet. These documents must be transmitted exclusively through closed networks with leased line connectivity and a SAG-grade encryption mechanism.

Also, CONFIDENTIAL and RESTRICTED information may be shared over the internet, but only through networks employing AES 256-bit encryption.

The administration also strongly encourages the use of government email services (NIC email) and approved messaging platforms, such as CDAC's Samvad and NIC's Sandesh, for transmitting such information. Officials are cautioned to avoid downgrading the classification of sensitive information for the sake of convenience.

The circular further advises that e-Office systems must be equipped with proper firewalls and a VPN (Virtual Private Network) setup to secure access. TOP SECRET and SECRET communications on the e-Office system must follow strict guidelines, including the use of a closed network with leased line connectivity and SAG-grade encryption.

Regarding video conferencing, the circular mandates the use of only government-approved solutions, such as those offered by CDAC, CDOT, and NIC, for official meetings. For enhanced security, officials are encouraged to utilize the 'Waiting Room' feature and prior participant registration. However, it is clearly stated that TOP SECRET and SECRET information should not be shared during video conferences.

The guidelines also address the security of work-from-home environments. Officials working remotely must use security-hardened devices and connect to office servers through a VPN and firewall setup. Notably, the circular reiterates that TOP SECRET and SECRET information should not be shared from a remote location.

Additionally, the circular stresses that digital assistant devices like Amazon's Alexa, Apple's Siri, and Google Home should be kept away during discussions involving classified information. It also recommends that smartphones be deposited outside meeting rooms when dealing with sensitive issues.

The administration has made it clear that non-compliance with these security measures could lead to disciplinary action. The directive underscores the need for strict adherence to these protocols to safeguard the integrity of governmental operations.