Use of WhatsApp, unsecured platforms banned for processing official documents
Srinagar : The Jammu & Kashmir government has prohibited the use of USB drives and pen drives on official devices across all administrative departments in the Union Territory. This decision aims to safeguard sensitive government data and reduce the risk of data breaches.
According to an order issued by the Jammu & Kashmir Government this measure is intended to strengthen the cyber security framework of Jammu & Kashmir.
“To enhance cyber security posture of the Union Territory of Jammu & Kashmir, protect sensitive government information, and minimize the risks of data breaches, malware infections, and unauthorised access, it has been decided to prohibit the use of pen drives on official devices across all Administrative Government Departments in Civil Secretariat Jammu and Srinagar, Deputy Commissioner Offices in all districts of UT,” the order states.
In exceptional cases where operational needs justify their use, controlled whitelisting may be permitted for up to 2 to 3 pen drives per department, upon formal request routed through the respective Administrative head to the State Informatics Officer (SIO), National Informatics Centre.
After approval pen drive must be physically submitted to the respective NIC Cell for reconfiguration, authorisation, and ownership registration before use.
As a secure alternative, the government departments have been directed to adopt (https://govdrive.gov.in) GovDrive, a cloud-based, multi-tenant platform offering every Government official 50 GB of secure storage with centralised access and synchronisation across devices.
As per the order, the use of public messaging platforms such as WhatsApp or unsecured online services like iLovePDF for processing, sharing, or storing official or confidential materials is strictly prohibited to uphold data sovereignty and prevent security breaches.
“All sensitive technical information, including ICT architecture diagrams, system configurations, vulnerability assessments, IP addressing schemes, and strategic technology plans, must be classified as confidential and handled exclusively through approved secure channels in accordance with Information Security Best Practices by MHA, CERT-In directives, and departmental data classification policies,” the order mentions.
The government has warned that failure to adhere to the instructions shall be viewed seriously and may invite disciplinary action under relevant rules governing official conduct, IT usage and administrative responsibility.
All departments have been asked to accord top priority to the implementation of the guidelines in the interest of secure and safe e-Governance. KNO