NIC begins security audit
THE NATIONAL Informatics Centre (NIC) has commenced the work of carrying out elaborate ?security audit? of all the UP Government websites hosted on its server in the country.india Updated: Sep 04, 2006 01:20 IST
THE NATIONAL Informatics Centre (NIC) has commenced the work of carrying out elaborate “security audit” of all the UP Government websites hosted on its server in the country.
This is being done as part of a mandatory nationwide exercise taken up by the Union Government for ensuring security of government data at the State and Central level from hacker attacks and terrorist elements.
The Uttar Pradesh Government has around 59 departmental websites hosted on the NIC server which are currently undergoing stringent audit process for content and applications security to prevent them from being a victim of hacker or terrorist attacks.
The audit exercise involved going through the entire content of the websites for identifying information which are crucial to national security for their protection as part of a massive data security exercise taken up across the country,” a senior NIC official involved with the auditing process told Hindustan Times.
He said that the procedure and programs used in government websites both at the content and application level are being checked for their vulnerability to hacker attacks and appropriate remedial measures are being suggested to the Department of IT & Electronics, Government of UP for further action.
“We have been taking due care with carrying out internal security audits of state government websites which are not on the NIC server by advising various departments on web security measures from time to time,” Sudhir Kumar, managing director, Uttar Pradesh Development Systems Corporation Ltd (UPDESCO) said.
The official informed that the Uttar Pradesh Government is also carrying out security audit of websites which had not been hosted on the National Informatics Centre server or even those websites which have not been developed by the National Informatics Centre.
“As a rule, any government website being developed by a third party could be audited by only the approved panel of IT Security auditors. These auditors provide an “Audit Cleared Certificate” to the concerned state government which is to be submitted to the NIC Web Co-ordinator,” he said.
The government websites cannot provide links to any objectionable website or even maintain “broken links”, he added.