To strengthen the cybersecurity posture of the Union Territory in light of increasing threats such as data theft, network intrusions, malware attacks, insider breaches, and unauthorized access, the Jammu and Kashmir Government on Monday imposed a ban on the use of USB pen drives in official devices in all departments.
The use of public messaging platforms such as WhatsApp or unsecured online services like iLovePDF for processing, sharing, or storing official or confidential materials has also been prohibited to uphold data sovereignty and prevent security breaches, a government order, issued on Monday said.
According to an order issued by M. Raju, Commissioner Secretary to the Government, General Administration Department, USB pen drives may be permitted by exception as a preventive measure. Departments may request the use of 2–3 whitelisted pen drives through a formal proposal initiated by the respective Administrative Head to the State Informatics Officer (SIO), National Informatics Centre (NIC).
The ban applies to all departments except the Administrative Departments in the Civil Secretariat at Jammu and Srinagar and the offices of Deputy Commissioners (DCs) in all 20 districts.
Departments are urged to shift to GOV Drive, a secure cloud-based platform offering 50 GB of storage per official.
"Use of public platforms like WhatsApp and iLovePDF for sharing or processing official data has also been strictly prohibited. The directive takes immediate effect, with non-compliance liable to disciplinary action", the order reads.
"Once approved, the pen drives shall be physically submitted to the respective NIC Cell for reconfiguration, authorization, and ownership registration on GOV Drive (https://govdrive.gov.in)," the order states.
Departments Directed to Adopt Secure Alternatives
As a secure alternative, departments are strongly encouraged to adopt GOV Drive—a cloud-based, multi-tenant platform that provides each government official with 50 GB of secure storage, along with centralized access and robust governance.
In view of these measures, the use of public messaging platforms such as WhatsApp or unsecured online services like iLovePDF for storing, sharing, or processing official or confidential materials is strictly prohibited. This directive is intended to uphold data sovereignty and prevent security breaches.
"All sensitive technical information—including ICT architecture diagrams, system configurations, server details, database schemas, network topologies, and technology stacks—must be treated as confidential. Such data must only be handled through approved secure channels, in accordance with information security best practices as prescribed by the Ministry of Home Affairs (MHA), CERT-In directives, and departmental data classification policies," the order further states.
Failure to comply with these instructions will be viewed seriously and may result in disciplinary action under the relevant rules governing official conduct, IT policy, and administrative responsibility.
These directives have been issued with the approval of the competent authority and shall come into immediate effect. All departments are advised to ensure strict compliance and remain vigilant to uphold secure and safe e-Governance practices.
