KATHMANDU: A 102-point advisory has been issued to protect government websites, data and networks.
The National Cyber Security Centre has issued a cyber security advisory to protect the information technology system of government offices and to shield them from potential cyber threats.
The advisory includes various security measures related to the use of government offices’ websites, applications, servers, networks, desktops, laptops, mobile devices and social networks.
Centre’s Director Raj Kumar Maharjan said that the advisory has been issued after problems like cyber attacks on and information theft from website of the government offices were seen.
“Serious cyber problems are being created due to general ignorance or negligence. If we inform the users about this, we hope that the problem will be reduced. This advisory is not only for the employees of this government body, but for all citizens,” he said.
The Centre has also written to all ministries, commissions and departments to determine the focal person to contact if there is a problem in the government website or application.
For website and network security, it has been advised to update the website regularly, conduct security tests and implement a business continuity plan by keeping regular ‘backup’ of data.
Similarly, instructions have been issued to update antiviruses, databases, application libraries and operating systems and to implement multifactor authentication.
The advisory has suggested using only licensed software for desktop, laptop and printer security, and automatically updating the system and bios, and to take measures to keep printers out of internet access.
For password management, it is recommended to keep password that cannot be easily inferred, to change it at least once in three months, and to use multifactor authentication to maintain privacy.
For internet browsing security, use of secure browsing methods, of updated browsers and sharing personal information only on unauthorized websites has been suggested.
The advisory warns against posting unauthorized content on social media and to use a limited amount of personal information in it and it has emphasized that attention should be paid to the updated operating system for the security of mobile devices, downloading the app only from reliable sources.
The Centre has also urged to make arrangements for regular cyber security training to the concerned employees for effective implementation of these measures. The Centre has stated that cyber security can be strengthened by focusing on website updates, data backup, secure passwords, multi-factor authentication, network segmentation and antivirus updates, among others.
Centre Director Maharjan said that these security measures are expected to protect the government system from cyber threats and increase citizen awareness.
Comment