Quezon City – In a decisive move to strengthen its cybersecurity posture and ensure responsible use of government-issued technology, the National Labor Relations Commission (NLRC) has issued a comprehensive Information and Communications Technology (ICT) Use Policy, aimed at all officials and personnel.

The policy, issued under Administrative Order No. 04-01, Series of 2025, and signed by Chairperson Grace E. Maniquiz-Tan, outlines comprehensive guidelines on the use, management, and security of the Commission’s digital infrastructure and assets. It addresseses the growing risks and challenges associated with digital tools by instituting robust controls over desktops, laptops, networks, external devices, cloud services, and official communications.

Under Section 1 of the Administrative Order, NLRC-issued desktops and laptops are designated strictly for official use, with personal usage strictly prohibited. Employees are expected to maintain professionalism in their digital activities and are required to use strong, unique passwords supported by multi-factor authentication (MFA). The policy also mandates regular software updates, the installation of antivirus programs, and the secure handling of devices—including the immediate reporting of any loss or theft.

The policy also extends printing equipment (Section 2), requiring secure placement, regular firmware updates, and the safe disposal of printed materials. Network Attached Storage (NAS) devices (Section 3) must now be registered, encrypted, and routinely backed up. External or portable storage devices (Section 4) are restricted to those issued by the NLRC and must be encrypted, monitored, and securely disposed of when defective.

Section 5 mandates that only authorized software may be installed, with strict maintenance of all license records. Unauthorized copying of software is expressly prohibited.

Dedicated sections also cover e-mail accounts (Section 6), internet services (Section 7), and cloud storage (Section 8)—each strengthening strict access controls, encryption protocols, and the exclusive use of NLRC-authorized systems.

The NLRC is also taking a proactive stance on digital conduct and user accountability. Section 11 outlines the proper use of official social media accounts, including approval protocols, access controls, and restrictions against posting personal opinions on official platforms. Password management (Section 12) is also addressed in detail, establishing rules for secure storage and regular password updates.

Chairperson Maniquiz-Tan emphasized the importance of user responsibility and training, noting that regular awareness campaigns and targeted training sessions will be conducted to ensure compliance and safeguard the Commission’s digital infrastructure.

Under Section 13, the Commission reminds personnel that all ICT resources may be subject to monitoring to ensure compliance. Users are advised not to expect privacy when utilizing NLRC systems, as monitoring tools and audits form a key component of the policy’s implementation.

The ICT Use Policy also details procedures for data protection, retention, and secure disposal, in alignment with applicable data privacy regulations, including NPC Circular No. 2023-06.

To ensure continued relevance and effectiveness, the policy mandates an annual review, or more frequently, as new technologies and cyber threats emerge. Stakeholder feedback will also be solicited to support the policy’s continuous refinement.

This policy marks a significant milestone in NLRC's commitment to digital governance, cybersecurity, and data integrity, aligning with the broader government thrust toward a secure and efficient digital ecosystem.

#NLRC #ICTPolicy #DigitalGovernance