The Jammu and Kashmir government has imposed a ban on the use of third-party platforms such as WhatsApp and Gmail for transmitting sensitive official documents. The directive, issued by the General Administration Department on Saturday, emphasised the potential risks of data breaches and leaks associated with these platforms. The order stated that tools like WhatsApp and Gmail are not specifically designed for managing classified or sensitive data. Their security protocols may fall short of the stringent standards required for safeguarding official communications.
"It has come to the attention of the administration that there is an increasing trend among officers and officials to use third-party tools such as WhatsApp, Gmail, and other similar platforms for transmitting sensitive, secret, and confidential information. This practice poses significant risks to the integrity and security of the information being communicated," the order read. It said using third-party communication tools can lead to several potential issues including unauthorised access, data breaches, and leaks of confidential information. Consequently, the use of such tools could result in severe security breaches that jeopardise the integrity of governmental operations," the order added.
Guidelines for officials to follow while handling official communication:
- Classified information falls under the following four categories namely, Top Secret, Secret, Confidential and Restricted.
- A 'Top Secret' and 'Secret' document shall not be shared over the Internet.
- The 'Top Secret' and 'Secret' information shall be shared only in a closed network with leased line connectivity where a SAG-grade encryption mechanism is deployed.
- 'Confidential' and 'Restricted' information can be shared on the internet through networks that have deployed commercial AES 256-bit encryption.
Govt advocates secure communication platforms
The directive said the use of government email facility or government instant messaging platforms (such as CDAC's Samvad, NIC's Sandesh etc) is strongly recommended for the communication of 'Confidential' and 'Restricted' information. In the context of the e-Office system, departments have been directed to deploy proper firewalls and white-list IP addresses.
It said there was a blanket ban on sharing any top secret or secret information through video conferencing. The officials working from home have been directed to use security-hardened electronic devices (such as laptops, desktops) connected to office servers via a VPN and firewall setup. 'Top Secret' and 'Secret' information should not be shared while working from home, it said. The order said digital assistant devices such as Amazon's Echo, Apple's HomePod, Google Home, etc. should be kept out of the office during discussions on classified issues.
(With PTI inputs)