Cyber security By indian Government

 Cyber security By indian Government

 SCOPE AND TARGET AUDIENCE

The following guidelines are to be adhered to by all government employees, 

including outsourced/contractual/temporary employees, who work for 

government Ministry/Department. 

2. DESKTOP/LAPTOP AND PRINTER SECURITY ATOFFICE

2.1 Use only Standard User (non-administrator) account for accessing 

the computer/laptops for regular work. Admin access to be given to 

users with approval of CISO only. 

2.2 Set BIOS Password for booting. 

2.3 Ensure that the Operating System and BIOS firmware are updated 

with the latest updates/patches. 

2.4 Set Operating System updates to auto-updated from a trusted 

source. 

2.5 Ensure that the Antivirus client installed on your systems are 

updated with the latest virus definitions, signatures and patches. 

2.6 Only , which are part of the allowed list 

authorized by CISO, shall be used; any application/software which is 

not part of the authorized list approved by CISO, shall not be used. 

2.7 Always lock/log off from the desktop when not in use. 

2.8 Shutdown the desktop before leaving the office. 

2.9 . 2.10 Setup unique pass codes for shared printers. 

2.11 Internet access to the printer should not be allowed. 

2.12 Printer to be configured to disallow storing of print history. 

2.13 Enable Desktop Firewall for controlling information access. 

in your browser. 

2.14 Keep the GPS, Bluetooth, NFC and other sensors disabled on the 

desktops /laptops and mobile phones. They may be enabled only 

when required. 

2.15 Use a Hardware VPN Token for connecting to any IT Assets located

2.16 Do not write passwords, IP addresses, network diagrams or other 

sensitive information on any unsecured material (ex: sticky/post-it 

notes, plain paper pinned or posted on users table etc.). 

2.17 Do not use any external mobile App based scanner services (ex: 

Cam scanner) for scanning internal government documents. 

2.18 Use of all pirated Operating systems and other 

software/applications that are not part of the authorized list of 

soft . 3. PASSWORD MANAGEMENT

3.1 Use complex passwords with a minimum length of 8 characters, 

using a combination of capital letters, small letters, numbers and 

special characters. 

3.2 Change passwords at least once in 30 days. 

3.3 Use Multi-Factor Authentication, wherever available. 

3.4 he same password in multiple services/websites/apps. 

3.5

documents. 

3.6

or other sensitive information on any unsecured material (ex: 

sticky/post-it notes, plain paper pinned or posted on your table). 

3.7 -Fi 

4.2 While accessing sites where user login is required, always type the 

address bar, 

rather than clicking on any link. 

4.3 Use the latest version of the internet browser and ensure that the 

browser is updated with the latest updates/patches. 

4.4

browser. 

4.5 related information on the internet 

browser. 

4.6 rd party anonymization services (ex: Nord VPN, 

Express VPN, Tor, Proxies etc). 

4.7 rd party toolbars (ex: download manager, weather 

tool bar, ask me tool bar etc.) in your internet browser. 

4.8

from the internet (ex: pirated - movies, songs, e-books, 

4.9 cial systems for installing or playing any Games. 

4.10 Observe caution while opening any shortened URLs (ex: 

tinyurl.com/ab534/). Many malwares and phishing sites abuse 

URL shortener services. Such links may lead to a phishing/malware 

webpage, which could compromise your device. 

5. MOBILE SECURITY

5.1 Ensure that the mobile operating system is updated with the 

latest available updates/patches. 

5.2 e. Rooting or Jail 

breaking process disables many in-built security protections and 

could leave your device vulnerable to security threats. 

5.3 Keep the Wi-Fi, GPS, Bluetooth, NFC and other sensors disabled 

on the mobile phones. They may be enabled only when requir

5.4 Download Apps from official app stores of Google (for android) 

and apple (for iOS). 

5.5 Before downloading an App, check the popularity of the app and 

read the user reviews. 

5.6 Observe caution before downloading any apps which has a bad 

reputation or less user base etc. 

5.7 While participating in any sensitive discussions, switch-off the 

mobile phone or leave the mobile in a secured area outside the 

discussion room. 

5.8 accept any unknown request for Bluetooth pairing or file 

sharing. 

5.9 Before installing an App, to carefully read and understand the 

device permissions required by the App along with the purpose 

of each permission. 

5.10 In case of any disparity between the permissions requested and 

the functionality provided by an app, users to be advised not to 

install the App (Ex: A calculator app requesting GPS and 

Bluetooth permission). 

5.11 Note down the unique 15-digit IMEI number of the mobile device 

and keep it offline. It can be useful for reporting in case of 

physical loss of mobile device. 

5.12 Use auto lock to automatically lock the phone or keypad lock 

protected by pass code/ security patterns to restrict access to 

your mobile phone. 

5.13 Use the feature of Mobile Tracking which automatically sends 

messages to two preselected phone numbers of your choice 

which could help if the mobile phone is lost/ stolen. 

5.14 Take regular offline backup of your phone and external/internal 

memory card. 

5.15 Before transferring the data to Mobile from computer, the data 

should be scanned with Antivirus having the latest update

passwords with any unauthorized persons 

4. INTERNET BROWSING SECURITY

4.1 While accessing Government applications/services, email services 

or banking/payment related services or any other important 

application/services, always use Private Browsing/Incognito Mode 

5.16 Observe caution while opening any links shared through SMS or

social media etc., where the links are preceded by exciting

offers/discounts etc., or may claim to provide details about any

latest news. Such links may lead to a phishing/malware webpage,

Email security

6.1 Ensure that Kavach Multi-Factor Authentication is configured on 

the NIC Email Account. 

6.2 Download kavach app from valid mobile app stores only. Do not 

download from any website. 

6.3 Do not share the email password or Kavach OTP with any 

unauthorized persons. 

6.4

communication. 

6.5

by unknown sender. 

6.6

clicking on the 

in the login history, then the same should be immediately 

reported to NIC-CERT. 

6.7 Use PGP or digital certificate to encrypt e-mails that contains 

important information. 

6.8 Observe caution with documents containing macros

option and ensure that protected mode is enabled on your office 

productivity applications like MS Office. 

7. REMOVABLE MEDIA SECURITY

7.1 Perform a low format of the removable media before the first￾time usage. 

7.2 Perform a secure wipe to delete the contents of the removable 

media. 

7.3 Scan the removable media with Antivirus software before 

accessing it. 

7.4 Encrypt the files /folders on the removable media. 

7.5 Always protect your documents with strong password. 

7.6 -in the removable media on any unauthorized devices. 

8. SOCIAL MEDIA SECURITY

8.1 Limit and control the use/exposure of personal information while 

accessing social media and networking sites. 

8.2 Always check the authenticity of the person before accepting a 

request as friend/contact. 

8.3 Use Multi-Factor authentication to secure the social media 

accounts. 

8.4 Do not click on the links or files sent by any unknown 

contact/user. 

8.5 Do not publish or post or share any internal government 

documents or information on social media. 

8.6 Do not publish or post or share any unverified information 

which could compromise your device.

5.17 Report lost or stolen devices immediately to the nearest Police

Station and concerned service provider.

5.18 Disable automatic downloads in your phone.

5.19 Always keep an updated antivirus security solution installed.