Compliance to communication security advisory for government officials
OFFICE OF THE CONTROLLER OF DEFENCE ACCOUNTS
UDAYAN VIHAR, NARANGI, GUWAHATI: 781174.
All the Section of MO CDA, Guwahati
All the Sub Offices under CDA, Guwahati
Subject: Compliance to communication security advisory for government officials.
Reference: HQrs Office letter No. Mech/IT&S/810/Cyber Security Dated-09/02/2022
Please refer to HQrs. office letter cited under reference wherein it is stated that JS (Estt/plg/Parl)/CISO, Ministry of Defence has issued directions to stop violations of Manual of Departmental Security Instructions (MoDSI) and National Security Policy Guidelines (NISPG). In order to curtail the leakage of classified information, guidelines are issued in the interest of communication security.
In this regard, the following guidelines should be followed in the interest of communication security.
- The Top Secret and Secret Information shall be shared only in a closed network with leased line connectivity where SAG grade encryption mechanism is deployed.
- The use of NIC email facility or Government Instant Messaging Platforms (Such as CDAC’s Samvad, NIC’s Sandesh etc) are recommended for the communication of Confidential and Restricted information taking utmost care regarding the classification of information. .
- All are advised to deploy proper firewalls and white-listing of IP addresses while using the e- Office system.
- In the context of Video. Conferencing for official purpose, Government VC solutions offered by CDAC, CDOT and NIC should be used. The meeting ID and password shall be shared only with authorized participants. Top Secret and Secret information shall not be shared during the VC.
- Official working from home, should use security-hardened electronic devices (such as Laptop, Desktop etc) which are connected to the office servers through VPN and firewall setup. It is pertinent to mention that Top Secret/ Secret information shall not be share in the ‘work from environment’.
- Digital Assistants devices like Amazon’s Echo, Apple’s HomePod etc. should not be kept in office. Digital Assistants (such as Alexa, Siri etc.) should be turned off in the smart phones/watches used by the officials.
- Public messaging platform like whatsapp, telegram etc. should not be used for any classified official communication.
In view of the above, It is therefore requested to all concerned that a compliance report may be forwarded to this office at earliest on email id cdaguwedp.dad[at]hub.nic.in.
This may please be accorded ‘Top Priority’
GO (IT&S) has seen