Prohibited acts in the use of internal computer network of the Ministry of Education and Training of Vietnam

Prohibited acts in the use of internal computer network of the Ministry of Education and Training of Vietnam​ (Image from Internet)

On October 30, 2024, the Minister of Education and Training of Vietnam issued Decision 3238/QD-BGDDT regarding the Regulations on management and use of the computer network to ensure cyber security of the Ministry of Education and Training of Vietnam.

1. Prohibited acts in the use of internal computer network of the Ministry of Education and Training of Vietnam

According to the provisions in Article 4 of the Regulations issued with Decision 3238/QD-BGDDT of 2024, the acts prohibited in the use of internal computer network of the Ministry of Education and Training include:

- Acts prohibited as stipulated in Article 7 of the Law on Network Information Security 2015 and Article 8 of the Cybersecurity Law 2018.

- Unauthorized connection of network devices, address allocation devices, and broadcasting equipment such as personal wireless access points to the internal network without the guidance or consent of the unit operating the internal network system.

- Unauthorized changes or removal of information security measures installed on information technology devices used for work; unauthorized replacement, new installation, or swapping of computer components used for work.

- Intentionally creating, installing, or disseminating malware that affects the normal operation of the information system.

- Obstructing the provision of information system services; blocking access to information of agencies or other individuals on the network, except as permitted by law.

- Hacking or unauthorized use of passwords, cryptographic keys, and information of agencies or other individuals on the network.

- Other acts that compromise the safety and confidentiality of agency or individual information when exchanging, transmitting, or storing on the network.

2. General principles for using the internal computer network of the Ministry of Education and Training of Vietnam

The general principles for using the internal computer network of the Ministry of Education and Training are specifically outlined in Article 3 of the Regulations issued with Decision 3238/QD-BGDDT of 2024:

- Managing and exploiting the computer network of the Ministry of Education and Training to ensure stability, unity, and optimal support for the use and exploitation of information systems within the Ministry. Information security and cyber security measures must be consistently and synchronously implemented throughout the procurement, upgrading, operation, maintenance, and decommissioning of infrastructure, information systems, software, and data.

- Ensuring information security and cyber security must be linked to the responsibility of the heads of agencies, units, and directly related individuals.

- In cases where there are updated or substitute regulations or other provisions in legal normative documents or decisions from higher authorities, the regulations in those documents shall apply.

- Information classified as State secrets must be protected in accordance with the law on the protection of State secrets.

- Handling information security and cyber security incidents must align with the responsibility, authority, and ensure the legitimate interests of related agencies, units, and individuals according to the law.

Refer to more details in the Decision 3238/QD-BGDDT (effective from October 30, 2024).

>> CLICK HERE TO READ THIS ARTICLE IN VIETNAMESE