E-Security

advertisement
E-Security
• Background
• IT Infrastructure in Sikkim
• Current Status of Cyber Security& Cyber
Crime in SIkkim
• Strategic Approach undertaken by IT
Department, Govt. of Sikkim
• Future Plan of Action
Background
• There is no doubt that e-Governance will making
life easier for the citizens. However this involves
putting important and critical information on the
cyber space and exposes the IT infrastructure to
hackers But this not make us complacent. With
the State Data Centre (SDC) has been
operationalised, the State Wide Area Network
(SWAN) is functional and preliminary work on
State Service Delivery Gateway (SSDG) also
taking place, a lot of information is going to be
available in cyber space.
• We have already started taking preemptive
measures to minimize the incidence of cyber
attacks on our IT infrastructure.
IT Infrastructure in Sikkim
• State Data Centre (SDC)
• State Wide Area Network (SWAN)
• Common Service Centers (CSC)
– 45 CSCs all across state
– Basically an internet café
www.sikkim.gov.in
Current Status of Cyber Security&
Cyber Crime in SIkkim
• Fortunately Sikkim has not had many cases of cyber
crime.
• Till date a total of 2 (two) government website have been
reported to be hacked in Sikkim. As of now the Cyber
Security threats are related to defacement of websites.
• Only 1 case has been registered under IT Amendment
Act 2008, 66A, 67 with the Crime branch- cyber cell. The
case relates to hacking of the facebook account of
complainant, a resident of Gangtok. The hacker
(unknown) hacked his facebook account and posted
obscene pictures and abusive languages to all the
friends listed in his account. The motive judged was to
defame the complainant. The case has been registered
with the Cyber cell, Crime branch, Police HQ.
Strategic Approach undertaken by IT
Department, Govt. of Sikkim
1.
2.
3.
4.
5.
Formulation of Cyber Security Policy
Notification of Cyber Café Rules
Capacity Building & Training
Awareness & Advocacy
Coordination with Govt. of India for
Technological Support
CYBER SECURITY POLICY
• As per the guidelines of the Government of
India, the State Government has formulated the
Cyber Security Policy
• The Cyber Security Policy will define a set of
minimum information security requirements that
shall be met by all the departments; formation of
Cyber Security Task Force Committee and each
department is headed by Information Security
Officer
• This includes a physical visit by the Cyber Task
force to all Departments to inspect the computer
systems and check for vulnerability.
CYBER CAFÉ RULES
• The department has notified the Cyber Café Rules (2009)
which aims to regulate, govern and control the use of the
Cyber Café centers in the State.
• The rules impose a social responsibility on Cyber Café
owners and authorizes them to keep a record of the usage of
the cyber café in a log book. Users are required to show a
proof of identity before they can use the facility in the cyber
café. Further it empowers the Cyber Cell of the Crime
Branch to inspect the Cyber Cafes and ensure that they are
complying with the provisions of these rules.
• Recently a team from Cyber Cell, Crime Branch visited all the
cyber cafes in Gangtok to ensure the compliance of the rules.
These measures it is hoped will go a long way in preventing
the use of Cyber cafes by unsocial and anti-national
elements.
WORKSHOPS AND TRAININGS ON CYBER SECURITY
1. Conducted a workshop for Cyber Café Owners in the year 2006 related to the
security issues.
2. CERT-In conducted a workshop on Cyber Security during SIKITEX-2009 for
Cyber Café owners and public.
3. Information Technology, Government of Sikkim conducted a workshop on Cyber
Café Rules in association with the Crime Branch, Sikkim Police during IT
Exhibition and Conference SIKITEX 2010 at Gangtok which was attended by the
Cyber Café owners and the Police officers.
4. A Seminar related to Hacking was organized in the Department of IT, Government
of Sikkim by the IL&FS
5. Three candidates were sponsored for attending a six months training on Ethical
Hacking and thereafter a three days workshop at Guwahati. Their services are
requisitioned for Cyber Security whenever the requirement arises.
Other Important Activities
• STANDING COMMITTEE ON INFORMATION TECHNOLOGY
– The main discussion during the Standing Committee on
Information Technology held from 4th July to 7th July 2011 at
Gangtok on the subject of Cyber Crime , Cyber Security and Right
to Privacy.
• Awareness in the Investing Agencies
– The officers of the Investigating agencies have been attending
various programmes and workshops organized by the
Government of India related to Cyber Security and related
issues. As a result the level of awareness is fairly good.
TECHNICAL SUPPORT FROM GOVERNMENT OF INDIA
• CERT-In sends us advisories monthly alerting
the department of the attacks taken place and
measures to secure web applications and web
servers. CERT-In has been engaged for
conducting seminars and workshops during
Annual IT Exhibition and conference SIKITEX at
Gangtok, organized by the Department of IT,
Government of Sikkim. Participants in the
workshop have been the general public, Cyber
Café owners and the state government
employees including the Police.
FUTURE PLAN OF ACTION
• Proposal to conduct many more short courses
on Cyber Security for all Government employees
& Internet Safety courses for School Students
• Mock drills planned
• Sikkim Police will be establishing a Cyber
Forensic Lab for the State shortly.
• ISO 27001 Certification for the State Data
Centre
• Strict Implementation of IPv6 as per Government
of India Guidelines.
Thank you
www.sikkim.gov.in
T. Samdup
Jt. Director,
IT Department,
Government of Sikkim
t.samdup@nic.in
9647853159(mobile)
Download