Cyber Security by Indian Government
SCOPE AND TARGET AUDIENCE
The following guidelines are to be adhered to by all government employees,
including outsourced/contractual/temporary employees, who work for
government Ministry/Department.
2. DESKTOP/LAPTOP AND PRINTER SECURITY AT OFFICE
2.1 Use only Standard User (non-administrator) account for accessing
the computer/laptops for regular work. Admin access to be given to
users with approval of CISO only.
2.2 Set BIOS Password for booting.
2.3 Ensure that the Operating System and BIOS firmware are updated
with the latest updates/patches.
2.4 Set Operating System updates to auto-update from a trusted
source.
2.5 Ensure that the Antivirus client installed on your systems is
updated with the latest virus definitions, signatures and patches.
2.6 Only , which are part of the allowed list
authorized by CISO, shall be used; any application/software which is
not part of the authorized list approved by CISO, shall not be used.
2.7 Always lock/log off from the desktop when not in use.
2.8 Shutdown the desktop before leaving the office.
2.9 .
2.10 Set up unique pass codes for shared printers.
2.11 Internet access to the printer should not be allowed.
2.12 Printer to be configured to disallow storing of print history.
2.13 Enable Desktop Firewall for controlling information access.
in your browser.
2.14 Keep the GPS, Bluetooth, NFC and other sensors disabled on the
desktops/laptops and mobile phones. They may be enabled only
when required.
2.15 Use a Hardware VPN Token for connecting to any IT Assets located
2.16 Do not write passwords, IP addresses, network diagrams or other
sensitive information on any unsecured material (ex: sticky/post-it
notes, plain paper pinned or posted on user's table etc.).
2.17 Do not use any external mobile App based scanner services (ex:
Cam scanner) for scanning internal government documents.
2.18 Use of all pirated Operating systems and other
software/applications that are not part of the authorized list of
soft .
3. PASSWORD MANAGEMENT
3.1 Use complex passwords with a minimum length of 8 characters,
using a combination of capital letters, small letters, numbers and
special characters.
3.2 Change passwords at least once in 30 days.
3.3 Use Multi-Factor Authentication, wherever available.
3.4 he same password in multiple services/websites/apps.
3.5
documents.
3.6
or other sensitive information on any unsecured material (ex:
sticky/post-it notes, plain paper pinned or posted on your table).
3.7 -Fi
4.2 While accessing sites where user login is required, always type the
address bar,
rather than clicking on any link.
4.3 Use the latest version of the internet browser and ensure that the
browser is updated with the latest updates/patches.
4.4
browser.
4.5 related information on the internet
browser.
4.6 rd party anonymization services (ex: Nord VPN,
Express VPN, Tor, Proxies etc).
4.7 rd party toolbars (ex: download manager, weather
tool bar, ask me tool bar etc.) in your internet browser.
4.8
from the internet (ex: pirated - movies, songs, e-books,
4.9 cial systems for installing or playing any Games.
4.10 Observe caution while opening any shortened URLs (ex:
tinyurl.com/ab534/). Many malware and phishing sites abuse
URL shortener services. Such links may lead to a phishing/malware
webpage, which could compromise your device.
5. MOBILE SECURITY
5.1 Ensure that the mobile operating system is updated with the
latest available updates/patches.
5.2 e. Rooting or Jail
breaking process disables many in-built security protections and
could leave your device vulnerable to security threats.
5.3 Keep the Wi-Fi, GPS, Bluetooth, NFC and other sensors disabled
on the mobile phones. They may be enabled only when required.
5.4 Download Apps from official app stores of Google (for Android)
and Apple (for iOS).
5.5 Before downloading an App, check the popularity of the app and
read the user reviews.
5.6 Observe caution before downloading any apps which have a bad
reputation or a small user base etc.
5.7 While participating in any sensitive discussions, switch-off the
mobile phone or leave the mobile in a secured area outside the
discussion room.
5.8 accept any unknown request for Bluetooth pairing or file
sharing.
5.9 Before installing an App, carefully read and understand the
device permissions required by the App along with the purpose
of each permission.
5.10 In case of any disparity between the permissions requested and
the functionality provided by an app, users to be advised not to
install the App (Ex: A calculator app requesting GPS and
Bluetooth permission).
5.11 Note down the unique 15-digit IMEI number of the mobile device
and keep it offline. It can be useful for reporting in case of
physical loss of mobile device.
5.12 Use auto lock to automatically lock the phone or keypad lock
protected by pass code/ security patterns to restrict access to
your mobile phone.
5.13 Use the feature of Mobile Tracking which automatically sends
messages to two preselected phone numbers of your choice
which could help if the mobile phone is lost/ stolen.
5.14 Take regular offline backup of your phone and external/internal
memory card.
5.15 Before transferring the data to Mobile from computer, the data
should be scanned with Antivirus having the latest update
passwords with any unauthorized persons
4. INTERNET BROWSING SECURITY
4.1 While accessing Government applications/services, email services
or banking/payment related services or any other important
application/services, always use Private Browsing/Incognito Mode
5.16 Observe caution while opening any links shared through SMS or
social media etc., where the links are preceded by exciting
offers/discounts etc., or may claim to provide details about any
latest news. Such links may lead to a phishing/malware webpage,
6. EMAIL SECURITY
6.1 Ensure that Kavach Multi-Factor Authentication is configured on
the NIC Email Account.
6.2 Download Kavach app from valid mobile app stores only. Do not
download from any website.
6.3 Do not share the email password or Kavach OTP with any
unauthorized persons.
6.4
communication.
6.5
by unknown sender.
6.6
clicking on the
in the login history, then the same should be immediately
reported to NIC-CERT.
6.7 Use PGP or digital certificate to encrypt e-mails that contain
important information.
6.8 Observe caution with documents containing macros
option and ensure that protected mode is enabled on your office
productivity applications like MS Office.
7. REMOVABLE MEDIA SECURITY
7.1 Perform a low format of the removable media before the first-time usage.
7.2 Perform a secure wipe to delete the contents of the removable
media.
7.3 Scan the removable media with Antivirus software before
accessing it.
7.4 Encrypt the files/folders on the removable media.
7.5 Always protect your documents with a strong password.
7.6 -in the removable media on any unauthorized devices.
8. SOCIAL MEDIA SECURITY
8.1 Limit and control the use/exposure of personal information while
accessing social media and networking sites.
8.2 Always check the authenticity of the person before accepting a
request as friend/contact.
8.3 Use Multi-Factor authentication to secure the social media
accounts.
8.4 Do not click on the links or files sent by any unknown
contact/user.
8.5 Do not publish or post or share any internal government
documents or information on social media.
8.6 Do not publish or post or share any unverified information
which could compromise your device.
5.17 Report lost or stolen devices immediately to the nearest Police
Station and concerned service provider.
5.18 Disable automatic downloads in your phone.
5.19 Always keep an updated antivirus security solution installed.