Srinagar, Nov 25 (KNO): In a significant move, the Jammu & Kashmir Government has told its officers that “top secret” and “secret” information shouldn’t be shared over internet and smart phone should be deposited outside the meeting room while discussing classified information.
In a circular, a copy of which is in possession of news agency—Kashmir News Observer (KNO), the government has expressed concern over “increasing trend among officers and officials to use third-party tools such as WhatsApp, Gmail, and other similar platforms for transmitting sensitive, secret, and confidential information”.
This practice, as per the circular, poses significant risks to the integrity and security of the information being communicated.
“Using third-party communication tools can lead to several potential issues including unauthorized access, data breaches. and leaks of confidential information,” the government said, adding that platforms are not specifically designed to handle classified or sensitive information, and their security protocols may not meet the stringent standards required for official communications.
In its guidelines/ protocol for sharing sensitive information, the government said that classified information falls under the four categories: TOP Secret, Secret, Confidential and Restricted.
“The “Top Secret” and “Secret” document shall not be shared over the internet,” it said.
As per National Information Security & Policy Guidelines(NISPG), the “Top Secret” and “Secret” information shall be shared only in a closed network with leased line connectivity where SAG grade encryption mechanism is deployed.
It, however, said “Confidential” and “Restricted” information can be shared on internet through networks that have deployed commercial AES 256-bit encryption.
“The use of government email (NIC email) facility or government instant messaging platforms (such as CDAC's Samvad, NIC's Sandesh etc.) is strongly recommended for the communication of “Confidential” and “Restricted” information,” it said.
The government said that care should be taken during the classification of information, saying that information that deserves a “Top Secret”/ “Secret” classification shall not be downgraded to “Confidential”/ “Restricted” for the purpose of sharing.
It said that digital assistant Devices such as Amazon's Echo, Apple's HomePod, Google Home, etc. should be kept out of the office during discussions on classified issues.
“Further Digital Assistants (such as Alexa, Siri, etc.) should be turned off during official meetings in the office used by employee. Smart phones should be deposited outside the meeting room when discussing classified information,” it said.
The government said that “Top Secret”/ “Secret” information shall not be shared during the video conference meetings. “Regarding Video Conferencing (VC) for official purposes, only Government VC solutions offered by CDAC, CDOT and NIC may be used. Meeting ID and passwords should only be shared with authorized participants. For enhanced security, the ‘Waiting Room’ facility and prior registration of the participants may be utilized. Even then, “Top Secret”/ “Secret” information shall not be shared during the VC meetings,” it said.
The government said the departments must deploy proper firewalls and white-list of IP addresses in the context of e- Office.
“The e-Office server should be accessed through a Virtual Private Network (VPN) for enhanced security. Departments may ensure that only authorized employees/personnel are allowed to access to the e-Office system. However, “Top secret”/”Secret” information shall be shared over the e-Office system only with leased line closed network and SAG grade encryption mechanism,” the government said.
According to the circular, officials working from home should use security-hardened electronic devices (such as Laptops, Desktops, etc.) connected to office servers via a VPN and Firewall setup.
“It is important to note that “Top Secret” and “Secret” information should not be shared in a work-from-home' environment,” it said—(KNO)