Jammu and Kashmir Bans WhatsApp, Pen Drives in Govt Offices to Boost Cybersecurity

In a significant move to enhance cybersecurity, the Jammu and Kashmir government announced a complete ban on the use of pen drives and WhatsApp for official communication across all administrative departments on August 25, 2025. The decision, aimed at protecting sensitive government information and preventing data breaches, follows a series of cyberattacks during Operation Sindoor in May 2025, which targeted critical infrastructure, including the power sector. The government has mandated the use of the cloud-based GovDrive platform for secure data storage and sharing, with strict disciplinary action promised for non-compliance.

Reasons Behind the Ban

The Jammu and Kashmir administration’s decision to prohibit pen drives and WhatsApp stems from heightened concerns over cybersecurity vulnerabilities. Pen drives are notorious for spreading malware and facilitating unauthorized data transfers, while public messaging platforms like WhatsApp and unsecured online services pose risks to data sovereignty. The government’s order, issued by Commissioner Secretary M. Raju of the General Administration Department, emphasizes the need to safeguard sensitive information and minimize risks of data breaches, malware infections, and unauthorized access, particularly after the cyberattacks during Operation Sindoor exposed weaknesses in the region’s digital infrastructure.

Operation Sindoor and Cybersecurity Threats

The ban follows a series of sophisticated cyberattacks during Operation Sindoor in May 2025, which targeted several official websites, including those related to Jammu and Kashmir’s power sector. These attacks disrupted services, with some websites still struggling to recover. Union Power Minister Manohar Lal Khattar recently revealed that India’s electricity sector faced approximately two lakh cyberattacks, underscoring the growing threat to critical infrastructure. The Jammu and Kashmir government’s response reflects a proactive approach to fortify its cybersecurity framework and protect sensitive data from further breaches.

Introduction of GovDrive as a Secure Alternative

To replace pen drives and insecure messaging platforms, the Jammu and Kashmir government has mandated the use of GovDrive, a cloud-based, multi-tenant platform offering 50 GB of secure storage per official. GovDrive enables centralized access and synchronization across devices, ensuring safe and efficient data sharing. The platform is designed to uphold data sovereignty and prevent unauthorized access, aligning with the government’s goal of secure e-governance. Departments have been urged to adopt GovDrive immediately, with non-compliance subject to disciplinary action under IT usage and administrative responsibility rules.

Implementation and Exceptions

The ban applies to all administrative departments in the Civil Secretariat at Jammu and Srinagar, as well as Deputy Commissioner offices across all 20 districts. In exceptional cases where pen drives are required for operational needs, departments may request controlled whitelisting for up to two or three pen drives, subject to formal approval from the State Informatics Officer (SIO) at the National Informatics Centre. Approved devices must be physically submitted for reconfiguration, authorization, and ownership registration before use. This stringent process ensures minimal risk while addressing essential requirements.

Broader Implications for Cybersecurity

The Jammu and Kashmir government’s decision sets a precedent for other states in India, highlighting the critical need to address cybersecurity in government operations. The ban on pen drives and WhatsApp reflects a broader shift towards secure digital practices, especially in regions vulnerable to cyberattacks due to geopolitical tensions. The move also aligns with Union Power Minister Khattar’s call for robust cybersecurity measures across India’s critical infrastructure. By adopting GovDrive and enforcing strict compliance, Jammu and Kashmir aims to lead by example in safeguarding sensitive government data.

The ban on WhatsApp and pen drives in Jammu and Kashmir government offices marks a pivotal step towards strengthening cybersecurity and protecting sensitive information. As the region recovers from the impacts of Operation Sindoor, the adoption of GovDrive and stringent disciplinary measures underscore the government’s commitment to secure e-governance, setting a benchmark for digital security in India.