Team Herald
PANJIM: The Department of Information Technology, Electronics and Communications (DITE&C) has introduced new Security Protocols for Website Protection, aimed at creating a secure and trusted online environment for all citizens. The government has established comprehensive cybersecurity guidelines that all vendors, contractors, and service delivery agencies (SDAs) must adhere to, ensuring the highest standards of data protection.
By integrating security protocols at every stage of application development—from design to deployment and maintenance—vendors are committed to safeguarding citizens' data across all government operations. To bolster the security of IT assets in remote data centers and cloud environments, the use of Hardware VPN Tokens and Multi-Factor Authentication (MFA) with VPN services is strongly recommended.
In addition, DITE&C will host a specialized workshop for government website developers and associated stakeholders. This workshop will focus on ensuring compliance with top security standards, updating vendors on the latest cybersecurity protocols, and aligning website stakeholders with best practices for secure operations.
All website design and development agencies empaneled under the WDDA project are required to comply with the software security standards outlined in GIGW 3.0. This includes the installation of SSL certificates, conducting timely security audits, ensuring compliance, and obtaining STQC certification while adhering to TLS protocols.
To address both new and existing vulnerabilities, thorough audits of all government websites will be conducted, focusing on identifying and rectifying security gaps. The renewal of SSL certificates for websites is also a priority, reinforcing the online infrastructure. Furthermore, vendors are now required to provide comprehensive reports detailing their information security practices, promoting transparency and accountability.
All personnel involved in government operations must comply with established cybersecurity policies and undergo regular training to ensure they are well-equipped to handle the latest security challenges.