Deactivate official websites on private domains: J&K admn to depts

In the wake of cyber attacks launched by foreign hackers on various government websites during recent conflict between India and Pakistan, the Jammu and Kashmir administration has issued a comprehensive advisory to all government departments, directing them to deactivate official websites on private domains immediately.

A circular issued by the General Administration Department (GAD) Secretary, M Raju called for the enforcement of a secure, standardised and policy-compliant digital and Information Technology (IT) environment across government establishments in J&K.

The decision follows a high-level meeting chaired by the J&K Chief Secretary, during which growing concerns over unauthorised digital platforms, outdated hardware and software, and rising incidents of data breaches and phishing attacks were discussed.

“Departments operating official websites on private domains have been ordered to deactivate them immediately. The National Informatics Centre (NIC) in J&K will assist in migrating these to secure government domains such as ‘.gov.in’ or ‘.jk.gov.in’,” M Raju said in a circular here.

He further said, “No new websites are to be created or hosted without IT Department approval” The circular said in view of the growing risks associated with unauthorised digital platforms, outdated hardware, software infrastructure and increasing incidents of data compromise and phishing, a comprehensive set of instructions is hereby issued for immediate implementation and strict compliance.

Referring to compliance with the IT Act and guidelines, the circular said all departments must nominate officers for cybersecurity training sessions and ensure adherence to national cybersecurity protocols.

Laying focus on the standardisation of IT hardware and software, it said government offices must only procure IT equipment that meets specifications set by the IT Department. “The use of pirated or obsolete software, including unlicensed office suites or design tools, must be stopped. Departments must also plan updates and upgrades for all software nearing end-of-support.” The government has made reporting and monitoring mandatory and directed departments to submit detailed compliance reports within 15 days. “These must include website domain status, email compliance, IT audit results and plans for rectifying use of outdated or pirated software.” The circular warns that any failure to implement these directions will be taken seriously and can lead to disciplinary action under official conduct and IT governance rules.

The guidelines take immediate effect and are aimed at ensuring secure, accountable and modern digital governance across the Union Territory.

The administration has also made it mandatory for all officials to use NIC-provided government email IDs for all official communication. “As per fresh directions issued to all departments, no communication should be made or responded to if sent from private email services like Gmail, Yahoo or Rediffmail in order to ensure data confidentiality and prevent leaks of sensitive information”, the circular said.

It further directed the heads of departments (HoDs) to ensure immediate issuance and activation of official NIC email IDs for all staff involved in administrative or public-facing roles. “Any email received from a non-government domain will be treated as unofficial and may not be acted upon,” it said.

J & K