Boost cybersecurity measures, SC orders judiciary personnel
By J.Lo
"These digital applications collect users' data and create digital images that mimic individual's looks and speech, which can be used to create fake profiles that can lead to identity theft, social engineering, and phishing attacks," Supreme Court (SC) has ordered officials and personnel of judiciary to strengthen cybersecurity measures to "minimize risk of cyber threats" as it issued guidelines to be followed by courts on "proper cyber hygiene."
Directive was in light of recent data breach involving Philippine Health Insurance Corp., where at least 13 million members have been affected.
Under Administrative Order No. 150-2023, guidelines include actions to be followed on email safety, password security, software and system updates, data backup, safe internet usage, device security and suspicious activity reports.
To protect against phishing emails, which usually contain malicious links or attachments, SC said judiciary personnel should examine carefully sender's email address and not open links and attachments unless these have been verified to be legitimate.
It added personnel should check for misspellings or inconsistencies, typographical errors, grammatical errors, or awkward language.
High court also suggested judiciary personnel should never use personal information and dictionary words in creating passwords and instead use passphrases or sequence of random words, use password manager, and to enable multi-factor authentication system in their accounts.
Judiciary officials and personnel were also directed to ensure operating systems of their devices such as laptops, desktops, smartphones, tablets and other electronic devices are up to date.
Guidelines also recommend court officials and personnel follow "3-2-1 backup rule" where users must maintain three separate copies of their data original in their primary device and two additional copies in different locations; two backup media formats; and one offsite backup.
This, SC said, is "to ensure data redundancy and availability in case of hardware failure, data corruption, or other catastrophes."
High court also urged court officials and personnel to avoid visiting high-risk websites and downloading files from untrusted sources to protect their personal information, privacy and security.
SC also recommended download files and software only from reputable sources and use only secure and judiciary-approved file-sharing platforms for work-related activities.
Court officials and personnel were also directed to lock their respective computers and devices when not in use, especially when in shared or public places.
They were also instructed to immediately report lost or stolen devices and suspicious emails, links, ads, or email attachments to SC Management Information System Office "to prevent data leak and to maintain safe online environment."
SC warned court officials and employees of risks of using artificial intelligence in digital applications, particularly those that require users to submit several photos of themselves to generate enhanced portraits.
No comments:
Post a Comment