Cyber Security and General Guidelines | |
Cybersecurity standards are techniques that attempt to protect the cyber environment of a user or organization. This environment includes users themselves, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks. The principal objective is to reduce the risks, including prevention or mitigation of cyber-attacks. General Guidelines to be followed regarding Cyber Security1. Up to date Antivirus/ Windows Security should be installed in all the PCs/ laptops being maintained by respective offices. 2. Any incident related to cyber security e.g. Password hack, Ransomware attack or data corruption due to unknown reasons must be reported by respective ISOs to ciso@pstcl.org. 3. Operating Systems of PCs/ Laptops must be updated regularly with latest patches and upgrades. Also keep your software/drivers updated with the latest updates/patches. 4. Backup of important data stored in PCs/ Laptops must be taken on periodic basis (i.e. daily/weekly etc. as per office requirement & policy). Save your data and files on the secondary drive instead of system drive. 5. Passwords must be changed periodically for security reasons. Don’t save your passwords in the browser or in any unprotected documents. 6. Pen drives/ any other external media from unknown sources should not be used in official PCs/Laptops. Similarly, any external devices owned by PSTCL officers/official should not be used in the unknown PCs/ Laptops. 7. Pirated software should not be used in official PCs/ Laptops strictly. 8. Avoid downloading from freeware websites, websites of dubious nature, etc. 9. Don’t share any sensitive information with any unauthorized or unknown person over telephone or through any other medium. 10. When you leave office, ensure that your computer and printers are properly shutdown. When you leave your desk temporarily, always lock/log-off from your computer session. 11. Keep the GPS, Bluetooth, NFC and other sensors disabled on your computers and mobile phones. They maybe enabled only when required. 12. There should be minimum two accounts in PCs/laptops being used by officials/officers, Administrator account and Limited user (Standard) account. There should be only one Administrator account, and in case of PCs the password of Administrator account should be with the office in charge and must not be shared with anyone. More than one password protected Limited User accounts can be created as per the requirement. 13. Always use a Limited User (non-administrator) account for accessing your PCs/laptops for all type of work in order to protect your system from viruses, malwares, malicious programs or any other unauthorised access. Guidelines regarding email1. Only official email IDs must be used for official correspondence. 2. In case official Email IDs are not already created for any user, he/she may write to seit@pstcl.org through proper channel for creation of official email id. 3. It must be ensured that the PC and browser is up to date where official email id is opened. 4. Email accounts password must be strong. 5. Email Password should not to be shared with anyone by any user. 6. Passwords must be changed periodically for security reasons. 7. Password of email should not be saved in browsers. 8. Don’t click on attachments from unknown sources received in emails. 9. Official email account should not be opened using open Wi-Fi at public places. Cyber security Guidelines for Government Employees1. For Cyber security Guidelines for Government Employees issued by National Informatics Centre (NIC), Ministry of Electronic and Information Technology, Government of India please click on the following link Cyber security Guidelines for Government Employees. |