- Government employees are being banned from using third-party storage services like Google Drive and DropBox, and also being banned from using third-party VPN services such as NordVPN, ExpressVPN, etc.
- All government employees are temporary, contractual, and outsourced resources are required to comply with the order.
- Employees are advised to use DigiLocker.
According to the new guidelines passed by the state’s National Informatics Centre (NIC), all Government employees have been banned from the use of third-party cloud storage services such as Google Drive and Dropbox. The use of third-party VPN services such as NordVPN, ExpressVPN, Tor, etc. has also been banned. All the government employees from all the ministries and departments are required to comply with the above order passed.
Services of Google Drive, DropBox, and VPN now stand banned
As per the new guidelines passed by the NIC, Government employees are asked not to upload or save any internal, restricted, or kind of confidential data or files on any non-government cloud services. The employees are now asked to use unauthorized remote administration tools such as TeamViewer, AnyDesk, etc., also external email services as well as any kind of 3rd party video conferencing services are banned for official communication and conducting meetings related to sensitive information.
“All government employees, including temporary, contractual, and outsourced resources, are required to strictly adhere to the guidelines mentioned in this document. Any non-compliance may be acted upon by the respective CISOs/Department heads,” said the NIC document labeled “restricted“.
As the directive suggests that no government employee shall use any kind of non-government cloud services, the Government has introduced its storage service named DigiLocker, wherein all the users can store their documents free of cost.
Reason for Ban
Due to the increased use of Information and Communications Technology (ICT), there have been constant threats and cyber-attacks happening nowadays. These attacks are caused by a lack of proper cyber security practices. To regularize and build awareness about the Do’s and Don’ts of Cyber Security Laws amongst the staff and contracted/outsourced resources, these new sets of guidelines have been passed.