N-24015/1/2022-Computer Cell-DOR-DOR-part(1)
N-24015/1/2022-CC
GOVERNMENT OF INDIA
MINISTRY OF FINANCE
DEPARTMENT OF REVENUE
………..
North Block. New Delhi
Dated the 13th January 2023
CIRCULAR
Subject: Cyber Security Guidelines — reg.
In reference to the subject cited above and in accordance with the NICs instructions, all officers/officials of Department of Revenue are required to follow the following Cyber Security Guidelines issued by the NIC to ensure Cyber Security in the Department:-
1. Use complex password with a minimum length of 8 characters, using a combination of capital letters, small letters, numbers and special characters.
2. Change your passwords at least once in 45 days.
3. Use multi-factor authentication, wherever available.
4. User shall strictly be advised to download KAVACH application only from kavach.mail.gov.in and keep a check on ‘Registered Devices’ and ‘User Country Policy’ in Kavach App/Web portal to allow only permitted devices and country to access respectively.
5. Save your data and files on the secondary drive (ex: d:\). Maintain an offline backup of your critical data.
6. Keep your Operating System and BIOS firmware updated with the latest updates patches. Install centralized antivirus client offered by the Government on your official desktops/laptops.
7. Ensure that the antivirus client is updated with the latest virus definitions, signatures and patches.
8. Observe caution while opening any links shared through SMS or social media, die., where the links are preceded by exciting offers/discounts, etc., or may claim to provide details about any current affairs. Such links may lead to a phishing/malware webpage, which could compromise your device.
9. Use authorized and licensed software only.
10. When you leave your desk temporarily, always lock/log-off from your computer session.
11. When you leave office, ensure that your computer and printers are properly shutdown.
12. Keep the GPS. Bluetooth, NFC and other sensors disabled on your computers and mobile phones. They maybe enabled only when required.
13. Use a Standard User (non-administrator) account for accessing your computer/laptops for regular work.
14. Observe caution While opening any shortened uniform resource locator (URLs) (ex: tinyorl.comdab534/). Many malwares and phishing sites abuse URL shortener services.
(Mukesh Sundriyal)
Under Secretary to the Government of India
Tel No. 011-23095419
To
All officers/officials of Department of Revenue (Headquarters)/CBDT/CBIC
