Home » News » India » Check misuse of user-id, password: Central Vigilance Commission to banks, insurance companies
2-MIN READ

Check misuse of user-id, password: Central Vigilance Commission to banks, insurance companies

Check misuse of user-id, password: Central Vigilance Commission to banks, insurance companies

The Central Vigilance Commission has suggested surprise inspections by the chief vigilance officers of the public sector banks and insurance companies to check frauds due to misuse of user-id and password of officers by sharing it with unauthorised persons.

New Delhi: The Central Vigilance Commission has suggested surprise inspections by the chief vigilance

officers of the public sector banks and insurance companies to check frauds due to misuse of user-id and password of officers

by sharing it with unauthorised persons.

The Commission has of late observed that in many cases relating to banking sector, insurance sector, central public

sector enterprises and even in other organisations functioning in a computerised environment, frauds were being perpetrated

on account of the officers sharing their user-id and password with unauthorised persons and not disabling them on their

transfer, retirement, suspension or long leave.

It was also noticed that the officers were not frequently changing their password. "The Commission is of the view that

periodic change of passwords by officers would be an important preventive vigilance measures to address the issues," the CVC

said in a directive to all ministries, banks, insurance companies and autonomous organisations.

The email-ids, user-ids, etc for accessing the secure systems should be disabled once an officer superannuates, placed under suspension or not required to perform any function on account of proceeding on long leave, training, deputation, transfer, etc, it said.

"Introducing a provision in the system, or software itself at a pre-decided time period (i.e. a fortnight or a month) to

change password could also be one of the options for preventing misuse by unauthorised persons," the CVC said.

The move comes following cases of frauds worth crores of rupees were noticed by Commission through misuse of secure ids

and passwords, Commission officials said. "In addition, it also needs to be ensured by way of periodic surprise inspections or checks by next higher

authority or controlling officers as to whether the user-ids and password are being shared by the officers with any

unauthorised persons," the anti-corruption watchdog said.

The Commission had earlier advised chief vigilance officers (CVOs), who act as distant arm of CVC, of all public

sector banks to ensure secrecy of employees' passwords and also keep on changing them frequently so that frauds being

committed on account of misuse of passwords of employees may be avoided in the public sector banks. However, its

instructions were not followed in toto.

"CVOs of banks were to take suitable action and regularly monitor secrecy of passwords and any instances of casual

approach by any password holder was to be dealt ruthlessly by the concerned bank as the same may put huge funds at risk. It

appears that the spirit of circular is not being implemented," the CVC said.

All CVOs have been advised to put in place preventive measures and carry out periodic inspections to check any such

illegal practise. They have been also asked to send an action taken report to the Commission on the verification conducted

by them in this regard, it said.

first published:August 03, 2015, 16:19 IST