The move has originated in view of massive cyber breaches from foreign countries on the system for past two years. The Prime Minister’s Office and the Defence Ministry had already put such a directive in place as a similar security measure.
The Indian Home Ministry has started disassociating its functions from the worldwide web, directing its staff linked to government work in any way to quit the habit of operating social media from their official devices, including cellphones and computers.
“No classified government information can be stored on private cloud services (Google drive, Dropbox, iCloud etc) and doing so may make you liable for penal action, in case of data leakage,” according to a 24-page official document released by the Union Home Ministry.
The new directive is applicable to all personnel, including employees, contractual staff, consultants, partners, and third-party staff, numbering in the thousands across the country.
The ministry has clearly stated that classified data “should be encrypted before it is copied onto removable storage media designated to store classified information”.
Cautioning staff about the social engineering attacks, the Home Ministry’s 24-page document says: “It is the conscious manipulation of people to obtain information without realising that a security breach is occurring. It may take the form of impersonation via telephone or in person and through email.”
The ministry has termed it as “not an exhaustive list of prescriptions for information security but basic minimum precautions must be taken”.
The new directive is part of Indian cyber Crime Coordination Centre Scheme which has been implemented by Amit Shah-headed Indian Home Ministry at an estimated cost of $61 million.
A senior official told Sputnik this is in line with the “Cyber Crisis Management Plan” of the government, which is taking several measures to counter cyber attacks and cyber terrorism.
After massive sensitive data breach in 2015 from the country’s Defence Ministry, the Narendra Modi government had taken strict measures and strengthened cyber security.
Government records suggest that 2018 witnessed 208,456 cyber security incidents including phishing, network scanning and probing, virus / malicious code and website hacking in the country. It’s more than combined attacks during 2014, 2015, 2016, and 2017.