Press "Enter" to skip to content

J&K administration calls for security audit of govt websites

Last Updated on July 11, 2022 at 7:25 pm

The Government of the Union Territory of Jammu and Kashmir has given instructions for an immediate security assessment of all government websites and training of all staff members on fraudulent WhatsApp messages in order to combat the threat of spamming and phishing. It has also been stated explicitly that no digital service can be launched without first undergoing a security audit from one of the agencies that has been appointed.

All applications and online services must undergo a security audit in accordance with the Information Technology Act of 2008 in order to be qualified for hosting in the State Data Centre (SDC). It is strongly advised that following the successful hosting of a website in the SDC, a periodic security audit, as per the appropriate frequency, should be carried out for the same considering that the solutions implemented at the SDC are constantly changing, the government instructed.

In recent Committee of Secretaries meetings, which were presided over by Chief Secretary Dr. Arun Kumar Mehta, the topic of security audits of all government websites was discussed. As a result, all departments were instructed to have this crucial exercise carried out in consultation with the Information Technology Department.

It is important to note that a website security audit is a procedure that evaluates websites and applications for flaws and vulnerabilities. The audit checks the server and webpages for any current or future security holes that hackers may use. The goal of this operation, according to insiders, is to proactively hunt for and fix architectural issues with websites before dangerous hackers can do so.

The Chief Secretary has instructed all departments to have a cyber security assessment of their digital services performed by assigned agencies. The information security officer in question will manage this audit in cooperation with the information technology department.

The Information Technology Department has been given instructions to educate all public workers about phoney WhatsApp messages in addition to investigating the use of other applications and official e-mails for official communications as the threat of spam and phishing has begun to concern the authorities.