DICT orders updating of govt websites’ cryptographic protocols
MANILA, Philippines – The Department of Information and Communications Technology (DICT) has directed all designated management information system (MIS) server operators to utilize the updated version of cryptographic protocols for all government websites to ensure that vital information systems are encrypted and secure from cyber threats.
DICT Secretary Gregorio Honasan said this directive is contained in the Department Circular 007 issued on April 16.
“The DICT commits to protect our information systems as critical assets of the government in support of national efforts promulgated by President Rodrigo Roa Duterte and the Inter-Agency Task Force for the Management of Emerging Infectious Diseases to manage the COVID-19 pandemic and its consequences on the nation’s ICT landscape,” Honasan said in a statement on Monday.
In explaining the directive, DICT Assistant Secretary Emmanuel Rey Caintic added that the DICT wants to promote responsibility and accountability among Information Technology practitioners in the government, especially MIS administrators, noting that cybercrime cases are “prevalent” during the coronavirus disease 2019 (COVID-19) pandemic.
Honasan said the circular mandates designated MIS administrators to migrate and configure all their existing web servers to the updated version of the Transport Layer Security (TLS) protocol to ensure enhanced communications security for government agencies, state universities and colleges, and government-owned or controlled corporations, among others.
TLS is a cryptographic protocol prominently used for end-to-end security for transactions made over the Internet. It aims to prevent the occurrence of network eavesdropping, data tampering and message forging.
All concerned MIS administrators are enjoined to comply with the directives, said Caintic.
“To contribute to the administration’s efforts of keeping the people safe from the coronavirus, we should likewise keep them safe from threats against their data privacy and cybersecurity,” he added.
The department circular takes effect immediately in view of the public health emergency in the country due to the pandemic.