All civil servants working from home and are engaged in logging and accessing government information have been directed to adhere to the cyber hygiene guidelines released by the Ministry of ICT, Innovations and Youth Affairs.
The Principal Secretary for Information, Communication, Technology and Innovation, Jerome Ochieng said the government has put in place various measures to ensure cyber hygiene and security of government systems is maintained in line with the Government of Kenya Information Security Standard.
He said staff from agencies who log and access government systems are required to use secure Wi-Fi and VPN connection, while all ministries, departments and agencies will also be required to have in place valid and updated anti-virus and anti-malware software for laptops and machines, as well as ensure that their security tools and software are updated with the latest path levels and regularly monitored.
“All government agencies should ensure that critical systems are regularly backed up in line with their respective backup policies,” said Ochieng.
In a press statement , the PS also called on civil servants handling government communications to use secure connections that guarantee encryption.
“This calls for ICT Officers and Information Security Officers of the respective agencies to be extra vigilant and to continually monitor their infrastructure and security systems,” he stated.
Ochieng urged the officers to flag out unusual and strange activity on the networks and report the incidences using escalation lines.
The PS also directed staff engaged in teleworking to only use secure public Wi-Fi access points to connect to government systems, stressing that access to all critical government systems and data would only be restricted to the designated VPN link/connection by the relevant ministry, department or agency.
He said officers engaged in teleworking would not be allowed to use public cybercafes to access government systems and encouraged them to use private connections such as data bundles.
“All employees should ensure that their laptops and machines require authentication and log-ins prompt for any user to log-in and be vigilant of social engineering schemes not to divulge sensitive government information through coercion,” he warned.
The PS said compliance with the set guidelines by both staff and agencies would greatly enhance the safety and hygiene of the government systems in all ministries.
Ochieng called on Agencies that needed assistance to notify the ICT Authority through email@example.com and website www.icta.go.ke .