IRDAI for use of latest OS, IT equipment

Hyderabad, November 15, 2022

‘Put in place a board approved policy on scrapping, disposal of out of date OS, IT equipment’

The Insurance Regulatory and Development Authority of India (IRDAI) has advised all the regulated entities and training institutes to have a board approved policy on scrapping/disposal of out-of-date operating system (OS) and IT equipment.

Its advisory came in the backdrop of a communication from Union Ministry of Electronics and Information Technology to all Central government ministries and departments to discontinue use of out-of-date OS and IT equipment as they make the IT system susceptible to cyber attacks.

With increased digitisation and online governance, cyber security has become integral and important part of the governance. The hackers/crackers exploit weakness such as ignorance or non-adherence to security procedures, flaws in processes or vulnerabilities in technology (both hardware and software), IRDAI said in a communication citing the Ministry order.

The insurance regulator also referred to its April 2017 Guidelines on Information and Cyber Security for insurers pertaining to platform/infrastructure security requiring organisations to configure IT infrastructure including servers, applications, network and security devices to ensure security, reliability and stability.

“You are advised to put in place a Board approved policy on the scrapping / disposal of out of date OS and IT equipment,” the regulator said in the circular.

[The Hindu]